All of these products require that you buy them unless otherwise noted.
Softerra LDAP Administrator
Active Directory has an LDAP interface.
So then you just punch in in the values.
Softerra Adaxes
Softerra also makes Adaxes.
This assists with user provisioning and automates some of the workflow approval processes.
Plus, it provides a web interface for administrators and self-service.
Adaxes lets you run queries across different AD domains even if they are in different forests.
It also has a template to facilitate mass updates.
Manage Engine AD Query
AD Query uses the familiar LDAP Polish notation, i.e.
This tool is free.
Microsoft Access
One of my favorite tools for working with databases or LDAP is Microsoft Access.
Not enough people know about this powerful tool, which must be one reason Microsoft dropped it from Office.
Now you have to buy it separately.
But it is free with Office 365.
Access does two very powerful things.
First, it lets you make complex queries using a graphical interface.
Then it writes SQL based on that for you, but you could ignore the complicated SQL.
It lets you nest queries too.
This approach makes it possible to answer almost any question related to whatever data you have.
Dell GPOADmin
Dell sells lots of different tools for Activity Directory.
Most of them, like GPOADmin, are very inexpensive.
This one costs $19 USD.
What GPOADmn does is to more easily manage group policy objects.
it’s possible for you to also schedule different tasks and run them in batch mode.
Microsoft AD Replication Status Tool
Replication is a key issue with any distributed LDAP system.
The Microsoft ADREPLSTATUS tool checks the status of AD replication.
It shows replication errors in a domain or forest.
AD Audit Plus
ManageEngine tools are free or you’re able to purchase them for support.
ADAudit Plus tracks login activity plus changes to GPOs.
So it provides the information that you need for compliance reporting.
The most regulated businesses are those in the financial services sector in the USA and UK.
Most other businesses in the USA also have to comply with SOX and HIPAA regulations.
European companies have their own set of regulations to follow.
All of these require that you have an audit plan in place.
Your auditor will expect you to have the tools to comply with the requirements of the plan.
SekChek is a tool that can help with this.
Certification means documenting who gave permission to create each user account.
There should be a workflow object or email that shows who gave access to each account.
Power Shell is based on cmdlets, which are analogous to Python import modules.
In other word it is a set of tools that are included at runtime.
So you’re able to use cd and dir to navigate the database.
When you load the cmdlet, a drive AD: is mounted.
Then you cd ad: to change over to that part of the directory.
