GPO Deny Finder 1.0

This utility scans all GPOs in your domain and looks for Deny ACEs . If it finds them, it reports out the GPO, the Trustee (i.e. user,group, computer) that is assigned to the ACE and the permission that is set to denied (usually permGPOApply for Read and Apply Group Policy permissions).

Recent Posts

• Speaking in Chicago Next Month!
• Group Policy Storage Whitepaper Updated!
• Elevating AD Domain Access With Write Access on the Domain NC Head
• Performing a Denial of Service on AD–How Hard Is it Really?
• Protecting Active Directory–Making AD and Group Policy Less “Visible” to Attackers

Category Tag Cloud