+ Post New Thread
Results 1 to 10 of 10
Windows Thread, Active Directory Clean up in Technical; Morning all, Spent yesterday diagnosing a login issue and in doing so I realised how much of a mess our ...
  1. #1
    Jake's Avatar
    Join Date
    Jan 2006
    Location
    Sunny South Coast
    Posts
    954
    Thank Post
    11
    Thanked 12 Times in 10 Posts
    Rep Power
    21

    Active Directory Clean up

    Morning all,

    Spent yesterday diagnosing a login issue and in doing so I realised how much of a mess our AD is, redundant accounts, empty OUs, empty groups, groups that contain another group as a member and that group has the initial group as a member, so effectively just looping around on itself and achieving nothing.

    Just wondered what methods you all use to clean up AD, redundant accounts are easy enough to manage by last login date, but the looping groups thing I'm not so sure of the best way to get an idea of , which doesnt involve me having to check every group.

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,828
    Thank Post
    875
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by Jake View Post
    Morning all,

    Spent yesterday diagnosing a login issue and in doing so I realised how much of a mess our AD is, redundant accounts, empty OUs, empty groups, groups that contain another group as a member and that group has the initial group as a member, so effectively just looping around on itself and achieving nothing.

    Just wondered what methods you all use to clean up AD, redundant accounts are easy enough to manage by last login date, but the looping groups thing I'm not so sure of the best way to get an idea of , which doesnt involve me having to check every group.
    I just try to keep it as simple as possible. I also use some powershell scripts that will disbale inactive accounts and diable and eventually delete old computers.

  3. #3

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    330
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    21
    That sounds nice! Any chance of a look?

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,828
    Thank Post
    875
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Yep, I am away from the office until next week. I am going to make a blog about them soon

  5. #5

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    330
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    21
    that would be nice to see. We were about to embark on a manual process of this task ourselves over summer, but this would be great!

  6. #6
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,762
    Thank Post
    897
    Thanked 416 Times in 350 Posts
    Blog Entries
    12
    Rep Power
    86
    I use Dovestone Tools utilities.

    Active Directory Tools, Active Directory Software

    They have a last logon and last computer seen features that can show which computers and users are now redundant.

    I tend to clean any computer or user that has not been "seen" on the network in the last 6 months.

    Keeps things very clean.

    EDIT: This is the actual app. Costs $99 and well worth it.

    http://www.dovestones.com/products/True_Last_Logon.asp
    Last edited by zag; 28th June 2012 at 03:52 PM.

  7. #7
    Heebeejeebee's Avatar
    Join Date
    Nov 2006
    Location
    Intergalactic Cruise
    Posts
    1,050
    Thank Post
    68
    Thanked 75 Times in 59 Posts
    Rep Power
    34
    Don't let it get into a mess in the first place



    HBJB

  8. #8

    Join Date
    Dec 2007
    Location
    cumbria
    Posts
    182
    Thank Post
    7
    Thanked 43 Times in 39 Posts
    Rep Power
    25

  9. #9

    Join Date
    May 2010
    Location
    UK
    Posts
    165
    Thank Post
    40
    Thanked 9 Times in 9 Posts
    Rep Power
    10
    the solarwinds "trio of AD tools" work well for deleting old computers / user accounts:

    Download FREE trials from SolarWinds

  10. #10

    Join Date
    Feb 2012
    Location
    West Midlands
    Posts
    45
    Thank Post
    0
    Thanked 6 Times in 6 Posts
    Rep Power
    6
    Check out AD Tidy from cjwdev dot co dot uk - its free and will help you clear all the mess out - certainly did for me when I inherited a network with loads of old muck lying about.

SHARE:
+ Post New Thread

Similar Threads

  1. Guide to setting up Active directory
    By zag in forum MIS Systems
    Replies: 11
    Last Post: 19th September 2009, 07:40 AM
  2. active directory all messed up
    By alonebfg in forum Windows
    Replies: 2
    Last Post: 7th January 2008, 08:25 PM
  3. Replies: 19
    Last Post: 10th August 2006, 09:12 AM
  4. Query Active Directory through asp page
    By KarlGoddard in forum Web Development
    Replies: 19
    Last Post: 22nd February 2006, 12:15 PM
  5. Setting up test scenario on Server 2003/Active Directory/GPO
    By tosca925 in forum How do you do....it?
    Replies: 20
    Last Post: 24th January 2006, 11:38 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •