Active Directory/Scripts & Tools

From WolfTech
Revision as of 17:39, 21 February 2007 by Djgreen (talk | contribs)
Jump to navigation Jump to search

Existing

Stuff You See

  • DNS Suffix Report
    • Checks that computers are registered in QIP and that they are registered with the correct DNS suffix.
    • Only sends report if there are problems detected.
    • Runs weekly on Mondays at 8:00 AM.

Stuff You Don't See

  • LAPCrawler Report
    • Summarizes the results of the Local Administrator Password Change Crawler (LAPCrawl) for the past 24 hours.
    • LAPCrawl is currently only utilized for ECE OU computers.
    • Runs every day at 8:00 AM.
  • AD Object Report
    • Summarizes all creations, deletions, and modifications of Active Directory objects in the last 24 hours.
    • Runs every day at 8:00 AM.
  • Admin Usage Report
    • Summarizes all usages of administrative accounts (*.admin, *.ouadmin, and *.domadmin) in the last 24 hours.
    • Runs every day at 8:00 AM.
  • Backup DC System State
    • Does a complete backup of each domain controller.
    • Full backups are done weekly every Saturday morning.
    • Incremental backups are done every Tuesday, Wednesday, Thursday, and Friday morning.
  • DC Health Report
    • Checks the status of the domain controllers using the dcdiag utility.
    • Runs every day at
  • Cleanup DC Backups
    • Deletes old DC backups.
    • Deletes all incremental backups.
    • Deletes full backups older than 27 days.
    • Runs weekly on Saturdays at 12:00 AM.
  • Duplicate Computer Accounts Report
    • Detects duplicate computer accounts that exist on both the ECEW2K and WOLFTECH domains.
    • Used only during the ECEW2K->WolfTech migration, though could be used to help with other migrations.
    • Runs every day at AM.
  • EventLog Errors Report
    • Summarizes EventLog errors from domain and ECE departmental servers in the past 1 hour.
    • Runs every hour at 45 mins past the hour.
  • GPO Delegation
    • Delegates permissions on group policy objects.
    • Gives NCSU-Departmental OU Admins read permissions on domain/NCSU GPOs.
    • Gives COE-Departmental OU Admins read permissions on COE GPOs.
    • Gives ECE OU Admins full permissions on ECE GPOs.
    • Gives CNR OU Admins full permissions on CNR GPOs.
    • Gives BME OU Admins full permissions on BME GPOs.
    • Gives NCSU-Software Packages full permissions on SW-NCSU* and FW-NCSU* GPOs.
    • Gives COE-Software Packages full permissions on SW-COE* GPOs.
    • Gives ECE-Software Packages full permissions on SW-ECE* GPOs.
    • Runs daily at 3:30 AM.
  • Group Membership Modified Report
    • Detects changes to important security groups and reports to domain admins.
  • GuardDog Groups Manager Report
    • Summarizes security group changes for GuardDog groups.
  • Hack Attempts Report
    • Summarizes security audit failures on domain and ECE departmental servers.
  • Invalid UserIDs Report
    • Checks domain user accounts against ldap.ncsu.edu to detect accounts that should be disabled, enabled, or deleted.
    • Runs daily at 3:00 AM.
  • LDAP Account Manager Report
    • Creates user accounts by searching ldap.ncsu.edu for employees with supported OUCs and students with supported curriculum codes.
    • Runs daily at 8:00 AM.
  • Log Monitor
    • Monitors the EventLogs on domain and ECE departmental servers using Microsoft Log Parser.
  • SAM Notify Report
    • Sends password synchronization reminders to students enrolled in notified classes.
    • Notified classes are specified in the wolftech_myit.tlabs_crs_groups table.
    • Runs weekly on Mondays at 6:00 PM.
  • Server Local Login Report
    • Summarizes logins to domain and ECE departmental servers over the past 24 hours.
    • Runs daily at 8:00 AM.
  • Software Database Report
    • Checks the packaged software database against the software groups in Active Directory.
    • Runs weekly on Mondays at 8:00 AM.
  • Software Replication Report
    • Replicates software groups from parent OUs to departmental OUs.
    • Runs daily at 12:00 AM.
    • Only sends a report when groups are created or modified.
  • Student Account Manager Report
    • Creates and maintains course groups for supported colleges from Sybase.
    • Runs daily at 9:00 AM
  • Update Info from LDAP Report
    • Synchronizes directory data from LDAP to Active Directory for employees.
    • Runs daily at 8:30 AM.

Coming