Say you have a Security group. It's undocumented, nobody knows "what" it does, but everybody "knows" it is used for something.
If some application (SQL Server or some random web app) for instance, uses this AD group object as a reference for certain permissions that are application specific...
Is there ANYWHERE to look? Does the event log audit when group objects are accessed like this, and does it supply relevant information such as process, executable, user, etc...?
