Convert them to distribution groups and they will retain their SID but no longer be inserted into a user's token. You can subsequently remark them as security groups if someone complains.
Thanks, Brian Desmond [email protected] c - 312.731.3132 From: Paul Hutchings [mailto:[email protected]] Sent: Wednesday, August 18, 2010 2:18 PM To: NT System Admin Issues Subject: Finding unused/dead groups? Is there a recommended way to determine which groups (be it Domain Local or Global) are still in active use in a given domain? Ideal world Microsoft would give groups a "disable" property, but since there isn't, other than at some point hitting "Delete" and waiting for the phone to ring there doesn't seem any decent way to determine this. Thanks. ________________________________ MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England. Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
