Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Interrogating security policies in Active Directory
- Thread starter motoko
- Start date
I am surprised no one has answered this yet. I was very curious to see the answer myself. I am looking into the same thing; I have not been able to research a lot, but I have found out that the ad data resides in a database, so presumably that is why crystal doesn't have any special means to accessing it. I am going to work with our sys admin to find out more. Please let me know if you find any great documentation, etc on this. Good luck!
I found this article, but have not worked out all the kinks to get it to actually work. It looks like I am connecting to AD and it shows up in the Database expert window, but does not offer any tables or other data when expanded. (Says no items found).
Anyone have any ideas on this?
I have tried this in both CR10 and 9.
Thanks!
Anyone have any ideas on this?
I have tried this in both CR10 and 9.
Thanks!
- Thread starter
- #4
I never got the driver to work.
The sys admin found some sort of scripting language (ldp - lightweight directory protocol) to query active directory and we are probably going to schedule a script to run via ce, then run a report based on that.
The sys admin found some sort of scripting language (ldp - lightweight directory protocol) to query active directory and we are probably going to schedule a script to run via ce, then run a report based on that.
HI folks
You might want to have a look on on how to access Active Directory. Details on Group Policy Object are not to be found in in the AD database though. The only settings about Group policies in AD are: gPLink and gPOptions. Those informations are basically references to GUID's of GPO's and special settings, such as filtering, no override and block inheritance. The actual settings in the policies are stored below the sysvol share on Domain Controllers.
The group policy settings are stored in adm and inf files located on domain controllers. One way of accessing these files is using UNC's similar to: <domaincontrollername>\sysvol\<domainname>\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\
Below these you will find *.inf and *.adm with the settings of the Group Policy with GUID {6AC1786C-016F-11D2-945F-00C04fB984F9}
Regards
Poul
If you don't know the Group Policy Management Console (GPMC), consider having a look on it. It might help you
The Actual download page for the GPMC is
You might want to have a look on on how to access Active Directory. Details on Group Policy Object are not to be found in in the AD database though. The only settings about Group policies in AD are: gPLink and gPOptions. Those informations are basically references to GUID's of GPO's and special settings, such as filtering, no override and block inheritance. The actual settings in the policies are stored below the sysvol share on Domain Controllers.
The group policy settings are stored in adm and inf files located on domain controllers. One way of accessing these files is using UNC's similar to: <domaincontrollername>\sysvol\<domainname>\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\
Below these you will find *.inf and *.adm with the settings of the Group Policy with GUID {6AC1786C-016F-11D2-945F-00C04fB984F9}
Regards
Poul
If you don't know the Group Policy Management Console (GPMC), consider having a look on it. It might help you
The Actual download page for the GPMC is
I tried out the Crystal - AD connection for a bit but found that outputting to csv is much easier and more flexible. The original question was regarding group policies and not just group information (which can be pulled from AD unlike gpo info.) and I agree with Poujor that gpmc is the way to go. It is great for keeping up with group policy settings.
Yes, I see there is a difference b/w what motoko originally asked and what I needed. For once the data I need isn't the absolute hardest thing to get 
Just to say I tried, I walked through the procedure in the document above trying a few different times, however I still remain unable to make a connection. Since the last bit of that document suggests that the csv method is not too terrible, I will stick with that for the time being.
Just to say I tried, I walked through the procedure in the document above trying a few different times, however I still remain unable to make a connection. Since the last bit of that document suggests that the csv method is not too terrible, I will stick with that for the time being.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question