RE: Working Your SOX Off – SQLServerCentral

SSC Guru

Points: 172994

October 3, 2007 at 7:37 am

Liliya,

That actually might be one of those little things that differs from auditor to auditor.

None of the local department ITS support groups in my workplace have actually been asked for Active Directory or Windows Groups lists. Usually, the auditors go to the ITS group that manages Active Directory. I don't know if these people are a part of our Server Admin team or have their own "AD Team" collection, but in my experience, they are the ones the auditors contact when wanting a list of all the users associated with specific Windows Groups.

If the auditors ask for this information again, you might want to point out that you aren't in charge of AD and that using SQL Server to pull that information is not the best method of getting it. Telling them that you might not get all the logins for each Group by pulling it through SQL Server might help get them off your back. And this is absolute truth if the SQL Statements are written wrong. @=)

Brandie Tarvin, MCITP Database AdministratorLiveJournal Blog: http://brandietarvin.livejournal.com/[/url]On LinkedIn!, Google+, and Twitter.Freelance Writer: ShadowrunLatchkeys: Nevermore, Latchkeys: The Bootleg War, and Latchkeys: Roscoes in the Night are now available on Nook and Kindle.