Show/Hide Toolbars

To start the wizard for inventorying the Active Directory service, either click the Network Scan button or the Active Directory button. The Active Directory step will be displayed after you have selected a company and a domain and entered your credentials (see: Basic Steps).


Using the Start Search at filter criterion, you can restrict the AD scan to a specific organizational unit. Click the Select OU button to open a dialog where you can select the desired organizational unit. If you do not enter a filter criterion, Docusnap will inventory the entire Active Directory system.

In the Advanced option you can, by enabling the checkbox Scan Structure Permissions, determine whether the permissions for an Active Directory object should be inventoried. It can also be determined whether the sites and the domain structure should also be inventoried.


The Analysis in IT Security requires a complete Active Directory inventory of users, groups and computers to be completely correct. Thus you can determine for the Active Directory inventory, that users, groups and computers of all organizational units will be scanned, even if a filter for a specific organizational unit has been defined. Once an organizational unit has been set, the Inventory all Users, Groups and Computers checkbox will be displayed in the Advanced option for this purpose.

In addition, you can retrieve group policies. They will then be displayed with the corresponding organizational units or domain. To scan the information for group policy objects, you need to specify the computer where the Group Policy Manager Console (GPMC) is installed. It does not matter whether the GPMC is available on the local system or on a remote system.

In the Active Directory Classes group, you can select the Active Directory classes to be included in the scan.

With every Active Directory inventory, the name of domain controller from which the inventory data was scanned is also stored. This domain controller is displayed in the Explorer with the scan date.