Difference between revisions of "Active Directory/Scripts & Tools"
Jump to navigation
Jump to search
m |
|||
Line 1: | Line 1: | ||
− | __NOTOC__ | + | __NOTOC__{{Active_Directory_toc}} |
==Existing== | ==Existing== | ||
===Stuff You See=== | ===Stuff You See=== |
Revision as of 17:39, 21 February 2007
Existing
Stuff You See
- DNS Suffix Report
- Checks that computers are registered in QIP and that they are registered with the correct DNS suffix.
- Only sends report if there are problems detected.
- Runs weekly on Mondays at 8:00 AM.
Stuff You Don't See
- LAPCrawler Report
- Summarizes the results of the Local Administrator Password Change Crawler (LAPCrawl) for the past 24 hours.
- LAPCrawl is currently only utilized for ECE OU computers.
- Runs every day at 8:00 AM.
- AD Object Report
- Summarizes all creations, deletions, and modifications of Active Directory objects in the last 24 hours.
- Runs every day at 8:00 AM.
- Admin Usage Report
- Summarizes all usages of administrative accounts (*.admin, *.ouadmin, and *.domadmin) in the last 24 hours.
- Runs every day at 8:00 AM.
- Backup DC System State
- Does a complete backup of each domain controller.
- Full backups are done weekly every Saturday morning.
- Incremental backups are done every Tuesday, Wednesday, Thursday, and Friday morning.
- DC Health Report
- Checks the status of the domain controllers using the dcdiag utility.
- Runs every day at
- Cleanup DC Backups
- Deletes old DC backups.
- Deletes all incremental backups.
- Deletes full backups older than 27 days.
- Runs weekly on Saturdays at 12:00 AM.
- Duplicate Computer Accounts Report
- Detects duplicate computer accounts that exist on both the ECEW2K and WOLFTECH domains.
- Used only during the ECEW2K->WolfTech migration, though could be used to help with other migrations.
- Runs every day at AM.
- EventLog Errors Report
- Summarizes EventLog errors from domain and ECE departmental servers in the past 1 hour.
- Runs every hour at 45 mins past the hour.
- GPO Delegation
- Delegates permissions on group policy objects.
- Gives NCSU-Departmental OU Admins read permissions on domain/NCSU GPOs.
- Gives COE-Departmental OU Admins read permissions on COE GPOs.
- Gives ECE OU Admins full permissions on ECE GPOs.
- Gives CNR OU Admins full permissions on CNR GPOs.
- Gives BME OU Admins full permissions on BME GPOs.
- Gives NCSU-Software Packages full permissions on SW-NCSU* and FW-NCSU* GPOs.
- Gives COE-Software Packages full permissions on SW-COE* GPOs.
- Gives ECE-Software Packages full permissions on SW-ECE* GPOs.
- Runs daily at 3:30 AM.
- Group Membership Modified Report
- Detects changes to important security groups and reports to domain admins.
- GuardDog Groups Manager Report
- Summarizes security group changes for GuardDog groups.
- Hack Attempts Report
- Summarizes security audit failures on domain and ECE departmental servers.
- Invalid UserIDs Report
- Checks domain user accounts against ldap.ncsu.edu to detect accounts that should be disabled, enabled, or deleted.
- Runs daily at 3:00 AM.
- LDAP Account Manager Report
- Creates user accounts by searching ldap.ncsu.edu for employees with supported OUCs and students with supported curriculum codes.
- Runs daily at 8:00 AM.
- Log Monitor
- Monitors the EventLogs on domain and ECE departmental servers using Microsoft Log Parser.
- SAM Notify Report
- Sends password synchronization reminders to students enrolled in notified classes.
- Notified classes are specified in the wolftech_myit.tlabs_crs_groups table.
- Runs weekly on Mondays at 6:00 PM.
- Server Local Login Report
- Summarizes logins to domain and ECE departmental servers over the past 24 hours.
- Runs daily at 8:00 AM.
- Software Database Report
- Checks the packaged software database against the software groups in Active Directory.
- Runs weekly on Mondays at 8:00 AM.
- Software Replication Report
- Replicates software groups from parent OUs to departmental OUs.
- Runs daily at 12:00 AM.
- Only sends a report when groups are created or modified.
- Student Account Manager Report
- Creates and maintains course groups for supported colleges from Sybase.
- Runs daily at 9:00 AM
- Update Info from LDAP Report
- Synchronizes directory data from LDAP to Active Directory for employees.
- Runs daily at 8:30 AM.