Monday, 26 September 2011

Lepide Active Directory Management Recovers what is important to you....


Windows Active Directory is a hierarchical structure that is used to manage resources, services and objects configured in a network that runs on Windows Server. AD objects constitute the main functions within a domain and the network as a whole. The framework of objects in Active Directory is diverse and can consist of some hardware, security settings or even end users. Every object has an object ID and has its own set of object attributes defined by the Active Directory schema. Active Directory objects can be viewed in any of the three levels of the directory tree structure, viz., forests, trees and domains.

For large organizations where there are thousands of users and processes as a part of their network, the size of the forest could be quite large, sometimes consisting of the entire network itself. The forest might hold information about all the users, configured computers and domain controllers among others. Active Directory management thus involves the task of keeping a tab of all the directory objects and managing them.

Tools to recover deleted AD object
For Active Directory administrators, it is important to manage all such objects within the network and also make updates as per the dynamic business needs. A worst case scenario can be when one or more objects (user accounts or an entire OU) get deleted in some peculiar way. To come out of this problem, Windows Active Directory comes with a pack of Active Directory Administration Mode (ADAM) Tools which contain different consoles to help administrators with varied management jobs.
  • One such tool is the ADAM ADSI Edit (adsiedit.msc). ADAM ADSI Edit is a Microsoft Management Console (MMC) snap-in tool which is used to view and modify directory objects.
  • In order to modify the permissions on deleted objects another ADAM Tools, DSACLS.exe program can be used.
  • The native method of restoring the objects by using the command line tool ntdsutil.exe (“ntdsutil authoritative restore” command) can also be tiresomely opted for.
  • Windows server 2008 R2 comes with a new Recycle Bin feature that offers a mechanism to restore the deleted objects back to the AD structure. Using this feature however means that the entire AD forest have to be upgraded to Windows Server 2008 R2 forest functional level.
Need for better tools
LepideActive Directory Management and Reporting (LADMR) software is a proficient Active Directory management tool that can relieve administrators from the use of complex ADAM tools and command line utilities. This software has been developed to manage AD objects including users, user properties, general attributes, and other non user objects conveniently without any scope of error.

Piyush
piyush@lepide.com

No comments:

Post a Comment