Many organizations, large and small, maintain an Active Directory environment. Over time even well-managed AD environments will suffer the crud of forgotten objects. Emergency changes and other unique additions often create resources that don’t follow established governance policy. Coping with system sprawl is a fact of life in most organizations. Our tools must help us cope with this and ensure that unintended vulnerabilities are introduced into the environment.