Active Directory Inventory
Docusnap automatically collects all relevant Active Directory data, including users, groups, organizational units, and containers.
The benefits of Active Directory inventory with Docusnap
Active Directory inventory with Docusnap provides IT administrators and IT managers with a comprehensive and efficient solution for managing their IT infrastructure. This powerful feature automatically collects all relevant Active Directory data, including users, groups, organizational units, containers, and other important objects. The data is stored in a structured manner in an ITIL-compliant Configuration Management Database (CMDB), which enables detailed analysis and administration.
The practical benefits of Docusnap's Active Directory inventory are manifold. Automated data collection significantly minimizes manual effort and ensures that documentation of the IT landscape is always up to date. By graphically configuring the classes and attributes, individual requirements can be easily taken into account, which increases adaptability to various business needs. Docusnap also supports scheduled inventory, so that regular updates can be carried out automatically.
The data obtained forms the perfect basis for numerous IT tasks. Whether planning and executing migrations, monitoring the security structure, or optimizing user and group management, the detailed information from Active Directory inventory is essential. The ability to document historical changes between different inventory points in time is particularly helpful in order to obtain valuable information when analyzing errors.
Docusnap automatically creates a variety of output documents that support IT administrators in their daily work. This includes reports on user and group structures, visualizations of organizational units, and plans of group nesting and memberships. These documents can be exported to Microsoft Visio and adapted to the company's corporate design, which makes integration into existing documentation processes easier.
Overall, Active Directory inventory with Docusnap provides an efficient and reliable solution for managing and analyzing the IT infrastructure. With comprehensive documentation and visualization options, Docusnap helps IT professionals to optimally monitor and manage their systems, which ultimately leads to increased operational efficiency and security.
Active Directory inventory in Docusnap
Useful plans and reports
Permissions
- A full ADS scan requires you to log in as a domain administrator.
- Specified in NetBIOS or UPN notation
- As a domain user, a query is also possible — provided that the standard configuration has not been changed,
- It is not possible to read out the configuration partition
- It is not possible to collect Bitlocker recovery keys. The AD class MSFVE_RecoveryInformation is reserved for domain administrators
- Optional inventory of GPOs requires access to the domain controller via PsExec.exe
- Only one domain user is required for the ADDS reconciliation.
Requirements
- Inventory via script is possible
- Transparent firewall configuration
- PsExec can be blocked by a virus scanner
Supported systems
- LDAP v.2
Logs used
Protokoll
Port
LDAP - Lightweight Directory Access Protocol, unsecured (LDAP)
389
TCP/UDP
LDAP - Lightweight Directory Access Protocol, TLS-secured (LDAPS)
636
TCP/UDP
DCE Endpoint Solution, Microsoft-DS Active Directory, Windows Shares (CIFS) - Group Policy Only
135, 445
TCP