Need Notification when Users from specific Security Group are Disabled
I set up an automation to start a work order when members of a specific security group are disabled. It is working as designed, however, I need to include the actual User Names in the email being generated. Currently it is sending me an email, and when I go into the request I can click View Objects to see the actual user accounts. Is there a way to include this info in the notification email?
Folder Permissions for User, Directory Depth
Hello; My company is currently evaluating the software for SOX requirements. I was curious to see if there was any configuration available for directory depth. say I wanted to go only a few levels deep from a certain directory like E:\libs. Is there any way to do this? Thank you.
Directory Depth, User Access to Folders report
Hello; My company is currently evaluating ADManager plus. We like the reporting for SOX requirements but were wondering about customization. When I search a directory for users, I cannot find a place to configure directory depth. Say I wanted to move 2 levels past a directory called C:\ABC. Is this option available? Thank you.
Members of Groups report not working correctly
We run a scheduled report to list the members of all the groups in a particular OU. We have noticed however that the report is not listing the members of the groups correctly. For instance we have one user that is a member of a group which we can see in AD but the report is not showing this user as a member of that group. Is this a bug or an issue somewhere else? We are on build 6.3.8.6380 of AD Manager Plus
Set Default "Log On To" Domain in AD Manager Plus
Is there a way to set the default "Log On To" domain for Technicians logging into ADManager Plus? It appears that it defaults to the first domain in alphabetical order. I'd like to set another domain as the default but I'm unable to find the setting. Any help would be appreciated!
Unable to add new Help Desk Technician in AD Delegation.
When trying to add a new technician, and I choose the 'Select AD User', the user I'm looking for doesn't show up. This user is in the same security groups as others but I can't find her. Also when you try to filter by groups, all the groups are listed but the 'Get users' button retrieves a 'No Matching Object(s) Found.' message. I've had very little experience with this AD Manager console but know how to use AD. I must be missing something. Any help would be appreciated. Thank you!
Password Policy Bulk User insert
Say I have a list of new users and I want to set specific password policies for them (similar to the Random Password setup). Can this be done using the Bulk upload tool?
Hierarchy for templates
We have a bunch of store locations that I need to apply specific store contact data to user accounts. So for instance I have been creating user creation templates for each location, that has specific address info for that store. However, in this template I might need to hide a tab and make that tab hidden for all store user creation templates. If I have 300 plus stores, with 300 plus templates (which no I haven't created yet) I don't want to have to make the same change to all of the individual
Technician access question
In ADmanager Plus I have set up Technicians and limited there access by OU. I also created templates for new accounts and those templates included user groups that did not exist in the OUs for the technicians. So, when the technician uses the template it will only allow them to add the groups for their own OUs. This kind of makes sense. Well, is there a way to add additional groups from other OUs without giving them access to the full OU? I tried include but I think that limits them to only
AD Manager multiple Exchange Servers to choose for templates
We are setting up templates for our customer to create the users for each branch worldwide. Due to this we have more than one exchange server on which the databases are located. Inside the templates I just can choose one exchange server and the corresponding db. In case of an failover (maintenance or down) the template will crash or create the mailbox in an other database... So has anybody else the same issues and got a solution to avoid that? Should be possible to access the exchange servers by
Use-case 35: How To Identify Users That Do Not Comply Password Policies In Your Active Directory
One of the main conceptions of a highly secure environment, with a lots of GPOs interlinked and enforced, is the mental-make up of having a strong password policy. On the contrary, there is a wide-open possibility of a "password policy slip". These users can go unnoticed, unmanned for password change and undeniably open doors for threat. Some of the advantages of changing passwords, at regular intervals are, 1. Compromised employees who have been using your password cannot snoop in and remain,
Send a welcome letter from a template as part of the workflow
As a part of our workflow for creating new users, we always send a welcome letter that we have templatized. Is it possible to have ADManager do this also as a last step for creating a new user in our workflow?
ManageEngine ADManager Plus service won't start after upgrade
Hello. We upgraded our server yesterday from 6.3.5.0 to 6.3.8.0, and everything seemed fine. However, this morning we came in and couldn't get to the webpage. We logged onto the server and found the service was stopped, and would not start, giving this error: We then found out the drive had run out of space, so we extended it, freeing up 50 GB and rebooted the server, but same issue. We then checked the wrapper.log and found this: STATUS | wrapper | 2016/07/13 12:01:52 | Launching a JVM...
Reporting
Hi, I am trying to find a report that can show me either of both of the following: 1) A list of users and which servers they have access to 2) A list of Servers and which users have access to them I can see the Compliance Reports > Server Permissions are great for the server and equally and Security Reports > Servers Accessible by Account is the other, but I need to do this for a large number of users \ servers as part of an audit and don't fancy clicking each object as there are hundreds ..... Is
Scheduled Compliance Report
We would like to be able to schedule a compliance report showing user permissions across multiple servers in the domain. The option is in place to output to the screen, but that requires clicking on "Advanced" to see the actual permissions. Is there a way to output that information to give to our Compliance team? Thank you.
ScheduleReport XLSX Format Instead ZIP
Hello , When I Send Reports Through Schedule Report it arrived as ZIP Files To Users. I Want to Change It To XLSX Files Instead. How Can I ? Best Regards, Gabi.
More password creation options
When setting up a new user and/or setting the password complexity rules, it gives you the option to select a dictionary password and/or the option to select a special character(s) or or number(s). The problem is that there is no way to do both. We currently use Monkey.train.ruler1 or similar to unrelated words together to create new and also rather secure passwords for our users. At current I cannot find a way to do this, however it doesnt seem like it would be that difficult to do since the framework
Need Help With Report
Hello , Need help to create Report With Those customizing filters: Account Disabled equals 'FALSE' And Last Logon is less than or equal to '90 days ago' And Distinguished Name does not contain 'OU=Services' And Last Password Change is less than or equal to '90 days ago. How to do it? please help Thanks Gabi
How user creation templates adapt dynamically- Introducing user creation rules
ADManager Plus is a one-stop solution for Active Directory user account provisioning with simultaneous Exchange mailbox, Skype for Business, Google Apps and Office 365 account creation. While creating users through ADManager Plus, have you ever felt the need for templates to auto-fill fields based on certain conditions? Let's say, you have a template for a regional office. While provisioning users through the template, you would like the address, manager, OU container, etc., to be populated
Bulk Group Creation Error
Hi, Is there a limit to how many users I can add to a group during bulk group creation? I have a CSV file that creates groups and adds about 14 users but I keep getting an error saying the server is unwilling to process the request: Code 80072035. I have looked for this error and ensured the causes are not in the CSV file. No duplicates etc. Really need to get this working as we have 37 groups to add with 14 users in each one.
Reporting
I need a report of accounts that were created over 180 days ago... but have never been logged into. Is that possible? thanx, Jeff
Disable Policy - Group Removal
Is there a way to remove users from certain groups, instead of ALL of them via the Disable Policy? I ask because we're not ready to move to Template-based user permissions (yet) and we need to leave Security groups on each disabled user's account. (believe me, I know the risk in that). Would there be some kind of an on-demand deprovisioning that we could create that would remove groups we designate? I could simply fill the removal list with all of our Distribution Lists, and if any of the groups
Migrate to MS SQL
Is it possible to EASILY migrate ADManager Plus to MS SQL on a different server?
Need help identifying the workflow needed to building a bulk csv import template..
We have O365 subscriptions, so we use two different new user templates that run a small script at the end to assign either a E2 or E3 O365 license after the user is created in AD. I am having difficulty in seeing how to create a csv file, with the appropriate AD property names as the headers. I was hoping someone knew of a quick and easy way to peak inside the new user creation process via template, to see what all the csv headers needed to be. Also, im not sure if the scripts that run along with
Bulk Account creation
Hi, I understand that the whole point of AD User bulk creation feature is time saving hence need to know the following before I know if it's any useful for me or not? Is there any way to use an excel workbook rather than CSV as converting columns to csv format but take more time than creating the account manually. I created a template in AD Manage Plus for user creation but when I try to upload a csv but got the following validation errors: As per the screenshot below: I have selected Logon name(pre-windows
Use-case 33: How To Manage Contract Employee In Your Active Directory Part II
On an earlier post on, How to manage contract employees(https://forums.manageengine.com/topic/use-case-16-how-to-manage-contract-employees-in-your-active-directory), we had a glimpse at how you can set account expiry dates and render the contract employee account unusable after a point in time. And what accounts work best for contract employees(https://forums.manageengine.com/topic/use-case-26-what-account-works-best-for-contract-employees-in-your-active-directory), we had two account options based
Use-case 32: How To Monitor Employee Login On A Daily Basis In Your Active Directory.
Monitoring logon activity is a great way to gauge productivity of an employee. By this we can also monitor attendance, ensure logon takes place in authorized business hours, etc. Active Directory stores logon timestamps on lastLogon and lastLogonTimestamp attrbutes. The difference between the two attributes are, lastLogon attribute stores the last time the user logged on to the domain through that specific domain controller. This is non replicating attribute. lastLogonTimestamp attribute replicates
How do i add remove manager from user in a automation?
Hi, Is there any way to add remove manager from user in a automation? Is there a guide? Admanager made my life so much easier :)
Enabling HTTPS
Hi All, I have been running ADManager Plus for a while now and been using HTTP to connect. I enabled HTTPS couple days ago and now I cannot access the tool. I get " This page can't be displayed" message. It did work right after I enabled HTTPS. Now the service does not start and netstat does not show port 8443. Thanks
Groupmanagement on specific OUs
Hi there, I am trying to set up a new role for our application admins and it does not work as I planed it. Here ist what I have done so far: - added a new technican - chose a the role to edit groups, in this case to add and delete members - chose the right OU where the groups lay in If the admin logs in on the website he can see the groups but is not able to add users, which are in different OUs. For example: OU1 called DMS with several groups -> this OU I have added to the technican OU2 called Corp
Use-case 27: How To Delegate Permissions In The Active Directory For Users/Groups/Computers And Revoke Them Easily
Delegation is a fanta-bulous feature provided by Active Directory to assign permissions or rights over an OU or an account. Let's say we assign permission to reset passwords for all users under an OU, to another user. This delegation wizard will substantially reduce the time consumed by an IT help desk to respond for a password reset ticket, as his sidekick would share and bear the load. What are the advantages of Active Directory Delegation? Rather than adding users to a privileged group, for
Off-boarding user, export info and disable/move?
I see there are some features/options with the product, that can automate disabling and moving a disabled user to an OU and removing their attributes. But is there a way in the automation to first export/e-mail all the users' AD info (like running the powershell cmdlet "get-aduser -properties *") first, before doing the disabling and attribute scrubbing? The purpose of that would be to have a log of what attributes the user had before ADManager scrubs them. There is a Custom Script area,
Deprovisioning automation/policy question
Hello First thanks for the product. it's great. edit: doh, I'm so stupid sorry. I didn't realize in automation policy, you can have multiple "instant tasks". Is that the best way to do it if you want to disable a user, remove security groups, and move them to an OU, all in the same "task"?
Use-case 26: What Accounts Work Best For Contract Employees In Your Active Directory
To begin with, let's bring out some differences between your regular employees and your contract employees. 1. Regular employees do not come with an end-of-contract date, whereas contract employee do. 2. Regular employees would require an account on the domain to provide access over resources, whereas contract employees may not. 3. Regular employees would require a dedicated mailbox to send, receive and store emails that are exchanged within the organization, whereas an external mailbox would suffice
Use-case 25: When And How To Reset Computer Account Password In Your Active Directory
Just like user accounts, computer accounts also have passwords in the Active Directory. This password allows them to constantly communicate with the Domain Controllers, through the security channel. Information pertaining to computer account, group membership, etc. are exchanged through this secure channel. The password is changed without any user intervention once in 30 days by default, just to keep the passage secure. If the computer loses it's connectivity with the DC, owing to a few reasons like
How can I make my templates available for other users?
Hello, I have created some users creation and modification templates and Im the only one who can use them, I need to make them available for other operators. Dont know if there is an export/import feature or a way to make them "public" Thank you
Modifying one local user account on multiple servers
Hello, We just had an instance where we had to change the password on a local admin account used on several servers. This was time consuming to say the least! Is there any way that ADManager Plus could have done this? If not, is it something you might consider for a new feature in a future release? Thank you, Kelly B
Moving scheduled reports
Hi, I need to move some scheduled reports from one computer to another. Is this easy to do or do I have to re-create all the reports? There are quite a lot of them. Regards,
Groups and numbers of members
I haven't been able to create a report that provides just the group name and number of members in the groups. Anyone know how that is done?
Use-case 24: How To Isolate And Migrate Home Folders/Profile Paths Of Employees When Decommissioning File Servers In Your Active Directory
Some pain points I.T. Asset Management(ITAM) Ops deal with, is life-cycle management of servers. Especially, when there is a request for change of an out-of-date file server which was not accounted/maintained properly, during its lifetime. This causes great difficulty in validating the documents, tracking access entries to the documents and assessing the impact of retiring the server. Home folders and profile paths are Active Directory resources, which are usually associated with file servers. They
Next Page