Documentation forAccess Rights Manager

Visualize nested group structures

The central component of every Active Directory (AD) is the group concept. Administrators use groups to assign access rights and resources to individual users or user groups. This results in nesting: For example, the group "Marketing" gives access rights to the corresponding file server directories of the department.

At the same time, however, the group is also a member (i.e. nested) of the group "Access Wlan 4th floor". The Access Rights Manager AD Graph shows the nesting structure in your Active Directory and helps you to recognize grown structures and adjust structural errors.

Step-by-step process

Switch to Accounts to see the AD Graph view.

  1. Find the AD group by entering its name into the search field. For example: "Marketing". Select the desired result from the Groups section of the drop-down.
  2. If you can't find your resource click on "See more results".
  1. The "Marketing" group is the focus of the following analysis.
  2. Above the group you see other groups in the AD graph that the "Marketing Group is a member in, the so-called "parents". All "parent" groups, both direct and indirect, are listed on the left-hand side. Indirect "parents" are indicated by a blue arrow.
  3. On the right hand side you can see the name of the group listed at the top. Underneath it you can see a list of all "children", both direct and indirect, of the group.
  4. You can open and close the individual branches on the AD graph by clicking on the icon. The number listed indicates the number of direct "parents" or "children".