Installation and Administration

The content below is intended for administrators who are responsible for installing and configuring Specops Active Directory Janitor.

Requirements

The computer where Specops Active Directory Janitor will be installed should meet the following requirements:

  1. Windows Server 2008 or later
  2. .NET Framework 3.5 or later

Note: In order to install .NET Framework 3.5, you can:

  • Run the following administrator level command prompt: dism /online /enable-feature /featurename:NetFX3 /all /Source:D:\sources\sxs /LimitAccess
  • Add it using the Roles and Features Wizard. You can open the wizard from the Control Panel\Programs and Features\Turn Windows Features on or off.
  1. Domain or Enterprise administrator rights
Installing Active Directory Janitor

To install Specops Active Directory Janitor:

  1. Download the latest version of Specops Active Directory Janitor from here.
  2. Open the Windows Installer Package msi.
  3. Read and accept the License Agreement.
  4. Click Install.
  5. Once the installation is complete, click Finish to close the Setup Wizard.

To update your license file:

  1. Open Specops Active Directory Janitor.
  2. In the navigation pane, expand Product Management and select Enter license key.
  3. Enter your license information in the appropriate fields, and click Activate.
Tasks

You can scan computers and users to find outdated or unused computer or user accounts in Active Directory.

Scan computers

  1. Open Specops Active Directory Janitor.
  2. In the navigation pane, select Scan computers under Tasks. If the tasks pane is collapsed, click to expand.
  3. From the Selected Domain drop box, select a specific domain to scan.
  4. You will need to select where to look for accounts. You can either:
    Pick accounts manually:

    • To select a specific computer account to scan, type the name of the account in the Account name field.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to continue.

    Pick accounts from Active Directory:

    • Browse to the Organizational Unit you want to add.
    • Enable Include accounts in sub containers to include sub containers.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to continue.

    Import text file:

    • To import a list of accounts from a text file, enter the file name or browse to the location of the file. Note: Account name must be in the leftmost column of the file.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to continue.
  5. Click Select properties to select the properties to scan on the computers.
  6. Click Start scanning.
  7. When the scanning is complete, you can view the results.

Note: You can sort the result by clicking on the category headings.

  1. Once you have viewed the results, you can perform the following actions on the account:
    Note: If a valid License Key has not been provided, only partial data will be available.Disable Selected: Disabling an account prevents the account from being authenticated via Active Directory. Disabled accounts can be enabled at a later time. Disabling an account does not remove SIDs, group memberships, or any other right given to the account.

    • Right-click on the appropriate account.
    • Click Disable selected.

    Enable Selected: Enabling an account allows the account to be authenticated via Active Directory.

    • Right-click on the appropriate account.
    • Click Enable selected.

    Delete Selected: Deleting an account will permanently delete all permissions and memberships associated with that user account.

    • Right-click on the appropriate account.
    • Click Delete Selected.

    Move Selected: The account can be moved to another Organization Unit.

    • Right-click on the appropriate account.
    • Click Move Selected.
  2. To export toggled account information to a text file:
  • Select the desired accounts one at a time, or click-ctrl-click to multi-select.
  • Click Export Selected.
  • Enter an appropriate file name, and click Save.

Scan users

  1. Open Specops Active Directory Janitor.
  2. In the navigation pane, Scan users under Tasks.
  3. From the Selected Domain drop box, select a specific domain to scan.
  4. You will need to select where to look for accounts. You can either:
    Pick accounts manually:

    • To select a specific computer account to scan, type the name of the account in the Account name field.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to continue.

    Pick accounts from Active Directory:

    • Browse to the Organizational Unit you want to add.
    • Enable Include accounts in sub containers to include sub containers.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to continue.

    Import text file:

    • To import a list of accounts from a text file, enter the file name or browse to the location of the file. Note: Account name must be in the leftmost column of the file.
    • Click Add.
    • Once a scope is selected, Active Directory Janitor counts objects and presents a confirmation message. Click OK to c
  5. Click Select properties to select the properties to scan on the computers.
  6. Click Start scanning.
  7. When the scanning is complete, you can view the results.

Note: You can sort the result by clicking on the category headings.

  1. Once you have viewed the results, you can perform the following actions on the account:
    Disable Selected: Disabling an account prevents the account from being authenticated via Active Directory. Disabled accounts can be enabled at a later time. Disabling an account does not remove SIDs, group memberships, or any other right given to the account.

    • Right-click on the appropriate account.
    • Click Disable selected.

    Enable Selected: Enabling an account allows the account to be authenticated via Active Directory.

    • Right-click on the appropriate account.
    • Click Enable selected.

    Delete Selected: Deleting an account will permanently delete all permissions and memberships associated with that user account.

    • Right-click on the appropriate account.
    • Click Delete Selected.

    Move Selected: The account can be moved to another Organization Unit.

    • Right-click on the appropriate account.
    • Click Move Selected.
  2. To export toggled account information to a text file:
  • Select the desired accounts one at a time, or click-ctrl-click to multi-select.
  • Click Export Selected.
  • Enter an appropriate file name, and click Save.
Options

Domain Controllers

You can specify a Domain and the Domain Controllers to be included in the scan criteria. If one or more DC is not working and should not be used, it can be unchecked.

  1. Open Specops Active Directory Janitor.
  2. In the navigation pane, select Domain controllers under Options.
  3. Select a Domain to view a list of Domain Controllers.
  4. Uncheck the Domain Controllers you do not want contacted during a scan.
  5. Click Apply.

Settings

You can configure custom settings, such as number of concurrent scanning threads, used when scanning computers.

  1. Open Specops Active Directory Janitor.
  2. In the navigation pane, select Settings under Options.
  3. Configure the number of concurrent scanning threads.

Note: The thread count decides how many concurrent threads are used when scanning computers.

  1. If you want Specops Active Directory Janitor to attempt connect to computer even if ping reports that they are unreachable, enable Connect to computers that appear offline.
  2. If you want to check for updates, enable Check for updates at startup.
  3. If you want to turn on logging, enable Turn on logging. Logging can be turned on for troubleshooting purposes.
  4. If you want Specops Active Directory Janitor to integrate with Specops Inventory, enter the Specops Inventory server name in the text field.
  5. Click Apply to save your changes.
Product Management

From the Product Management navigation pane you can:

  • Check for product updates
  • Purchase the full version of Active Directory Janitor if you have not already done so
  • Update your license key

Note: The features available on a trial version of Active Directory Janitor are different than the features available on a fully license version. Administrations cannot perform changes to accounts when using the trial version.

  • Was this Helpful ?
  • Yes   No