Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Active Administrator 8.8.1 - User Guide

Active Administrator Overview User Provisioning Certificates Security & Delegation  Active Directory Health
Switching to Active Directory Health Using the Active Directory Health landing page Installing Active Directory Health Analyzer agents Using the Active Directory Health Analyzer agent configuration utility Excluding domain controllers Managing the Remediation Library Analyzing Active Directory health Analyzing Microsoft Entra ID Managing Active Directory Health Analyzer alerts Managing alert notifications Pushing alerts to System Center Operations Manager and SNMP managers Managing monitored domain controllers Managing data collectors Active Directory Health Templates Managing Active Directory Health Analyzer agents Using the Troubleshooter Recovering Active Directory Health data
Auditing & Alerting Group Policy Active Directory Recovery Active Directory Infrastructure DC Management DNS Management Configuration
Using the Configuration landing page Managing tasks Defining role-based access Setting email server options Configuring SCOM and SNMP Settings Setting notification options Setting Active Template options Setting agent installation options Setting recovery options Setting GPO history options Setting certificate configuration Setting service monitoring policy Managing archive databases Migrating data to another database Setting a preferred domain controller Setting up workstation logon auditing Managing configuration settings Setting user options Managing the Active Directory server
Diagnostic Console Alerts Appendix
Domain controller alerts
Active Directory Certificate Services service is not running Active Directory Domain Services is not running Active Directory Web Services service is not running Consecutive replication failures DC cache hits DC DIT disk space DC DIT log file disk space DC LDAP load DC LDAP response too slow DC Memory Usage DC properties dropped DC RID pool low DC SMB connections DC SYSVOL disk space DC time sync lost Detected NO_CLIENT_SITE record DFS Replication service not running DFS service is not running DFSR conflict area disk space DFSR conflict files generated DFSR RDC not enabled DFSR sharing violation DFSR staged file age DFSR staging area disk space DFSR USN records accepted DFSRS CPU load DFSRS unresponsive DFSRS virtual memory DFSRS working set DNS Client Service is not running Domain controller CPU load Domain controller page faults Domain controller unresponsive File Replication Service is not running File replication (NTFRS) staging space free in kilobytes GC response too slow Group policy object inconsistent Hard disk drive Intersite Messaging Service is not running Invalid primary DNS domain controller address Invalid secondary DNS domain controller address KDC service is not running LSASS CPU load LSASS virtual memory LSASS working set Missing SRV DNS record for either the primary or secondary DNS server NETLOGON not shared NetLogon service is not running Orphaned group policy objects exist Physical memory Power supply Primary DNS resolver is not responding Secondary DNS resolver is not responding Security Accounts Manager Service is not running SRV record is not registered in DNS SYSVOL not shared W32Time service is not running Workstation Service is not running
Domain alerts Site alerts Forest alerts Microsoft Entra Connect alerts
Event Definitions PowerShell cmdlets

Managing password policies

Previous Next


Security & Delegation > Managing password policies

Managing password policies

You can manage Fine Grained Password Policy (FGPP) by linking password policies to users or groups.

* 
NOTE: Fine-grained password policies always take precedence over domain password policy.
Topics 
Creating a new fine-grained password policy
Linking a password policy
Sending password notifications
To manage password policies
1
Click Security & Delegation | Password Policies.
2
Browse to select a domain.

The General tab is divided into three areas. The top area lists the current password policies. Select a policy in the top area to view the groups and users linked to the selected policy. Select a group or user in the middle area to view the password policies linked to that selected group or user.

The Report tab provides a list of user accounts with expired passwords and password about to expire. You can choose to send email notifications to selected accounts. See Sending password notifications.

3
Use the tool bar options to manage password policies. You also can right-click a policy, user, or group and choose from a shortcut menu.
 

Table 18. Password policies tool bar

Option

Description

Refresh Policies

Refresh the display.

Create Policy

Create a new password policy. See Creating a new fine-grained password policy.

Edit Policy

Modify the selected password policy.

Delete Policy

Delete the selected password policy.

Refresh Policy Links

Refresh the links to the password policies.

Link Policy

Link groups and users to the selected password policy. See Linking a password policy.

Unlink Policy

Unlink the selected groups or users from the password policy.

Unlink All

Unlink all groups and users from the selected password policy.

Creating a new fine-grained password policy

Previous Next


Security & Delegation > Managing password policies > Creating a new fine-grained password policy

Creating a new fine-grained password policy

Password policies for the selected domain display in the top area of the window. To see what users and groups are linked to a policy, select the policy. The linked users and groups display in the center area.

To create a new fine-grained password policy
1
Click Security & Delegation | Password Policies.
2
Browse to locate a domain.
3
Click Create Policy.
4
Type a name for the password policy.
5
Type a description for the password policy.
6
Determine the precedence of the policy.
7
By default, the password is protected from accidental deletion. To remove the protection, clear the check box.
8
Select the settings for the password.
9
Select the maximum number of days until the password expires.
10
Select the settings for locking out the account.
11
Click OK.

To link users and groups to the policy, see Linking a password policy.

Linking a password policy

Previous Next


Security & Delegation > Managing password policies > Linking a password policy

Linking a password policy

Users and groups linked to a selected password policy display in the center area of the window. To see if the user or group is linked to another policy, select the user or group. The other links display in the bottom area.

To link a user or group to a password policy
1
Click Security & Delegation | Password Policies.
2
Browse to locate a domain.
3
Select a policy, and click Link Policy.
4
Choose the users or groups to link to the password policy.
5
Click OK.

Sending password notifications

Previous Next


Security & Delegation > Managing password policies > Sending password notifications

Sending password notifications

You can preview a list of user accounts with passwords about to expire. You also can choose user accounts to receive notifications.

To send password notifications
1
Click Security & Delegation | Password Policies.
2
Browse to locate a domain.
3
Open the Preview tab.
4
Click Preview.
5
Enter the number of days before passwords expire. The default is 30 days.
6
The list displays user accounts with passwords that are about to expire. To include accounts with expired passwords, select the check box.
7
To create a custom email list, select the users to receive the email password reminder notification. You can filter the list of user accounts, and use Select All and Clear All to help with the selection.
8
To send the email password reminder notifications immediately to the selected user accounts, click Send Notification.
9
Click Yes to accept the confirmation message.
Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation