MyArticle » Computers » Intranet » Active directory user manager better choice than ADMA tools

Active directory user manager better choice than ADMA tools

View PDF | Print View
by: scottmorton
Total views: 257
Word Count: 572
Date: Wed, 14 Sep 2011 Time: 7:19 AM


User accounts in an active directory can be provisioned, synchronized and de-provisioned with the help of Active Directory Management Agent (ADMA) tools. These tools are efficient in managing most of the tasks involved in single and multiple user management; however, even these tools are not without flaws. With the help of an active directory management agent it is possible to create new users, change or reset user passwords, enable/disable users and modify user object attributes. In order to create an active directory management agent, administrators can follow the steps mentioned below:

1.Log on to the Compass client as an administrator
2.View the MMS server DSA object
3.On the Actions menu, click Create New Management Agent
4.In the Create Management Agent box, click Microsoft Active Directory Management Agent, and then name the MA
5.In the Configure the Management Agent pane, click the Active Directory Discovery Settings tab
6.Under Discovery Settings and Forest to discover, type the name (***.com) of the Active Directory forest
7.Under Active Directory Login Information, type the name and password of the administrator or another user with appropriate rights. The name must be in UPN format (administrator@***.com) or domainname\username format.
8.Click OK to save the current settings.

Let us see some of these functionalities with ADMA tools along with their drawbacks. Errors like the one given below often crop up when ADMA are used to create user objects with passwords that does not comply by the group policy configuration settings.

“ERR_00 0600 01/05/17 17:59:21.247 (AD-MA_PostUserAddProcessing) Failed to set password for CN=22855,OU=MMSUsers,DC=Samplename,DC=com.”

Due to such type of errors, the ADMA may stop processing user objects and stop the synchronization process. Furthermore, it may also be the case that user objects having valid password are treated as disabled user objects. Therefore, better tools are required to carry out active directory user management more reliably and conveniently.

In the next part of this article we will see how an advanced active directory server management software can be used in place of a management agent.

Active directory user manager

Lepide Active Directory Management and Reporting Software have been developed to work as an AD user manager so as to avert the drawbacks of using ADMA tools. This AD server management software has many in-built features which are apt for easy user management, whether single or multiple.

For single users, this tool has provision for modifying user properties like display name, account password, password limitations and logon details; modifying general attributes (name, email ID, address); managing user account functions and managing Exchange functions. Apart from these basic functionalities, this server management software also helps in managing the directory attributes of end users, moving the user objects from one OU container to another, sending messages to users and generating query based user details.

This active directory user management software further simplifies bulk user management. With this tool it is possible to unlock multiple user accounts, reset multiple account passwords, move multiple user objects to different OU container, delete, enable or disable multiple users and change or assign home directory of multiple users. Furthermore, administrators can also manage the group and common attributes of multiple users and also modify the group user policies or work station permits simultaneously.

Therefore we see that this active directory user manager proves to be an independent and more effective tool than ADMA consoles, when it comes to single or bulk user management.

About the Author

The author of this article is a database administrator with over a decade of experience in handling Windows Active Directory structure. In this article the author has talked about the fundamentals of active directory user management and how AD users can be managed with the help of server management software.

Latest Articles about: Intranet

Popular Articles about: Intranet

Rating: Not yet rated