Try this: adfind -s subtree -f "msNPAllowDialIn=TRUE" username note that the "TRUE" is case sensitive...
Don't have ADFind? Get it from joeware.net... *********************** Charlie Kaiser [email protected] Kingman, AZ *********************** > -----Original Message----- > From: Eric Brouwer [mailto:[email protected]] > Sent: Thursday, June 16, 2011 7:30 AM > To: NT System Admin Issues > Subject: Determine who has VPN access? > > Greetings! > > I have a Windows 2003 Server configured for VPN access. Is there a > way to determine what users/groups have the Dial-In/VPN right outside > of going through each user in Active Directory? > > Thank you, > > Eric ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
