立即与支持人员聊天
与支持团队交流

Active Administrator 8.6.3 - User Guide

Active Administrator Overview User Provisioning Certificates Security & Delegation  Active Directory Health
Switching to Active Directory Health Using the Active Directory Health landing page Installing Active Directory Health Analyzer agents Using the Active Directory Health Analyzer agent configuration utility Excluding domain controllers Managing the Remediation Library Analyzing Active Directory health Analyzing Azure Active Directory Managing Active Directory Health Analyzer alerts Managing alert notifications Pushing alerts to System Center Operations Manager and SNMP managers Managing monitored domain controllers Managing data collectors Active Directory Health Templates Managing Active Directory Health Analyzer agents Using the Troubleshooter Recovering Active Directory Health data
Auditing & Alerting Group Policy Active Directory Recovery Active Directory Infrastructure DC Management DNS Management Configuration
Using the Configuration landing page Managing tasks Defining role-based access Setting email server options Configuring SCOM and SNMP Settings Setting notification options Setting Active Template options Setting agent installation options Setting recovery options Setting GPO history options Setting certificate configuration Setting service monitoring policy Managing archive databases Migrating data to another database Setting a preferred domain controller Setting up workstation logon auditing Managing configuration settings Setting user options Managing the Active Directory server
Diagnostic Console Alerts Appendix
Domain controller alerts
Active Directory Certificate Services service is not running Active Directory Domain Services is not running Active Directory Web Services service is not running Consecutive replication failures DC cache hits DC DIT disk space DC DIT log file disk space DC LDAP load DC LDAP response too slow DC Memory Usage DC properties dropped DC RID pool low DC SMB connections DC SYSVOL disk space DC time sync lost Detected NO_CLIENT_SITE record DFS Replication service not running DFS service is not running DFSR conflict area disk space DFSR conflict files generated DFSR RDC not enabled DFSR sharing violation DFSR staged file age DFSR staging area disk space DFSR USN records accepted DFSRS CPU load DFSRS unresponsive DFSRS virtual memory DFSRS working set DNS Client Service is not running Domain controller CPU load Domain controller page faults Domain controller unresponsive File Replication Service is not running File replication (NTFRS) staging space free in kilobytes GC response too slow Group policy object inconsistent Hard disk drive Intersite Messaging Service is not running Invalid primary DNS domain controller address Invalid secondary DNS domain controller address KDC service is not running LSASS CPU load LSASS virtual memory LSASS working set Missing SRV DNS record for either the primary or secondary DNS server NETLOGON not shared NetLogon service is not running Orphaned group policy objects exist Physical memory Power supply Primary DNS resolver is not responding Secondary DNS resolver is not responding Security Accounts Manager Service is not running SRV record is not registered in DNS SYSVOL not shared W32Time service is not running Workstation Service is not running
Domain alerts Site alerts Forest alerts Azure Active Directory Connect alerts
Event Definitions PowerShell cmdlets About us

Managing security

Previous Next


Security & Delegation > Managing security

Managing security

The main permissions display in Active Administrator® provides extended information in addition to the general rights that are visible in the built-in tools. You also can enable/disable accounts and reset passwords.

Topics 

Managing Active Directory objects

Previous Next


Security & Delegation > Managing security > Managing Active Directory objects

Managing Active Directory objects

The Active Directory® containers and objects are listed in a tree in the left pane. You can drill down in the tree and view details in the top right pane.

To drill down and view details
1
Click Security & Delegation | Security.

Table 10. Security tool bar

Option

Description

Refresh

Refresh the display.

Refresh Container

Refresh the selected container.

Properties

Edit the properties of the selected container.

View

View and report on all users, groups, organization units, or computers. See Viewing Active Directory objects by type and Reporting on Active Directory objects by type.

New

Add a new computer, contact, group, organizational unit, printer, shared folder, or user.

Delete

Delete the selected objects.

Permissions

Manage native permissions. See Viewing native permissions.

Delegations

Manage Active Template delegations. See Viewing Active Template delegations.

More | Rename

Rename the selected object.

More | Add to Group

Add selected accounts to a group. See Managing group memberships.

More | Unlock

Unlock the selected accounts. See Resetting passwords.

More | Reset Password

Reset the password on the selected account. See Resetting passwords.

More | Reset Computer

Reset the password on selected computers. See Resetting computers.

More | Manage Computer

Opens the Microsoft® Computer Management Console.

More | Move

Move selected Active Directory objects to another container. See Moving Active Directory objects.

More | Disable

More | Enable

Disable or enable the selected accounts. The icon for an enabled account is blue. If an account is disabled, the icon is gray.

NOTE: There is no confirmation for the process.

More | Group Members

Manage the list of users in the selected group. See Managing group memberships.

NOTE: If the Forest functional level is Windows Server® 2016 or Windows Server 2019, and the Privileged Access Management Feature is enabled for the forest, you can change the Time-to-Live (TTL) value for selected group members.

More | Group Membership Wizard

Opens the Group Membership Wizard where you can add multiple members to selected groups. See Managing group memberships.

Viewing Active Directory objects by type

Previous Next


Security & Delegation > Managing security > Viewing Active Directory objects by type

Viewing Active Directory objects by type

You can view all Active Directory® objects of a specific type within a container and its subcontainers. You can choose to view all users, groups, organizational units, or computers. Within each view, you can customize the display by selecting the columns of interest to you. When viewing users, you can filter the list by entering criteria for selected columns. You can display the list as a report that you can view or print, or you can schedule a report to run at the time of your choosing.

To view Active Directory objects by type
1
Click Security & Delegation | Security.
3
Select a container, click View, and choose a type to view.

Table 11. View objects tool bar

Option

Description

Back

Return to the previous display.

Refresh

Refresh the display.

Stop

Stop loading of objects if the process is taking too long.

Report List

Display the list as a report that you can view or print.

Export

Export the list to a .csv or .txt file.

NOTE: To export only selected columns, click Column, select the columns to exclude from the export, and click OK.

LDAP Path

Display the path to the selected object.

Move the selected object to a different container. See Moving Active Directory objects.

Columns

Select the columns you want to display or export. By default, all columns are selected.

Filter

Filter the list of users. There is a filter for each column.

To clear a filter, click Filter, click Clear, and click OK.

Schedule

Schedule a report for the selected object. See Reporting on Active Directory objects by type.

Reporting on Active Directory objects by type

Previous Next


Security & Delegation > Managing security > Reporting on Active Directory objects by type

Reporting on Active Directory objects by type

You can generate and schedule reports for all Active Directory® objects of a specific type within a container and its subcontainers. When viewing users, you can filter the list by entering criteria for selected columns. You can display the list as a report that you can view or print, or you can schedule a report to run at the time of your choosing.

To generate a report and display in a report editor
1
Click Security & Delegation | Security.
3
Select a container, click View, and choose a type to view.

When viewing users, you can filter the list by entering criteria for selected columns.

4
Click Report List.
To schedule a report to send by email or to save to a file
1
Click Security & Delegation | Security.
3
Select a container, click View, and choose a type to view.
4
Click Schedule.

To send an email

a
Click Email, if necessary.

To save the file to a folder

a
Click Save to Folder.
b
Click Add.
d
Click OK.
11
Click Set Schedule, set the schedule for the report, and click OK.
12

The scheduled report is added to the list of scheduled reports.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级