Audit Active Directory Extended Rights

This is a powershell script that will scan and audit your active directory structure for any users with permissions for extended rights, and the organizational unit paths that those permissions are granted on. Can be used in conjunction with a LAPS solution to audit LAPS access.

 
 
 
 
 
(0)
491 times
Add to favorites
Active Directory
4/11/2017
E-mail Twitter del.icio.us Digg Facebook
Verified on the following platforms
Windows 10 Yes
Windows Server 2012 Yes
Windows Server 2012 R2 No
Windows Server 2008 R2 Yes
Windows Server 2008 Yes
Windows Server 2003 No
Windows Server 2016 No
Windows 8 Yes
Windows 7 Yes
Windows Vista No
Windows XP No
Windows 2000 No
This script is tested on these platforms by the author. It is likely to work on other platforms as well. If you try it and find that it works on another platform, please add a note to the script discussion to let others know.