Author Posts

April 4, 2018 at 7:29 am

So,

I'm wokring on a script that can be applied across multiple domains to:

1) Alert me when a specific condition has been met (Completed, all working)
2) Lock down the network shares for SMB and DFS.

I understand that mupltiple users can have the access blocked but I don't really fancy having to type out a list of users with comma's.

Now, the majority of networks I work with have a generalised group for every user to make permissions easier to deal with.

Would there be a way of using the group name rather than a list of every single user in AD?

April 4, 2018 at 1:47 pm

Do you mean, "can you use an AD group as part of an SMB share's Access Control List?" Yes.