Got it. Thanks -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, December 05, 2005 3:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Obsolete Domain groups
Nope, there is no last used. Kind of hard to define last used for a group anyway, for instance for a security group it would be the last time anyone from the group logged in and the group SID was stuffed in the user's token. If you are talking security groups, the best to do is change the group to a DL and then it won't get added to security groups. If there is no screaming for a couple of months, you are probably safe. If the group is used for non-Windows security or to send IMs or emails to a group of people or otherwise group items (like OUs or whatever) then a solution would be to put the groups in a heavily protected OU so nothing can read the membership for a while and make sure no one screams. Either way, dump the membership to some other format so you can repopulate as needed and before final delete, clear the membership for a while. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Figueroa, Johnny Sent: Sunday, December 04, 2005 4:05 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Obsolete Domain groups Does anyone know of a way to identify old\obsolete domain groups? Are the group objects in AD stamped with something like a last used date stamp?. I am thinking a member server with some resources and domain permissions on those resources has to ask the domain some questions about it. Thanks Johnny Figueroa Enterprise Network Consultant/Integrator Network Services Banner Health Voice (602) 495-4195 Fax (602) 495-4406 WARNING: This message, and any attachments, are intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or employee/agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of the communication is strictly prohibited. If you receive this communication in error, please notify us immediately List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
