OPEN PACK IN VSCOPE
PRODUCT

Inventory & Reporting

REQUIREMENTS

Directory

CATEGORIES

Security & Optimization

SUPPORT

Contact us

Active Directory Security & Optimization

Optimize and improve your Active Directory

Take control of your Active Directory

This pack is intended for organizations that want to improve their Active Directory, in one way or another. The pack features two dashboards, each with their own use case.

The Optimization dashboard can be used to tidy and streamline your Active Directory. The Security dashboard gives you suggestions on how to improve the overall security of your Active Directory.

Featuring

  • Analyses that can be used to slim down and declutter the Active Directory environment.
  • Suggestions for potential security improvements.
REPORTS 
  • Domain Password Settings Overview
    Overview of the password settings for the domains found by vScope.
  • Active Directory Users and Password Expiry
    Active users in the Active Directory that are configured with a password expiration date. 
  • Domain Controllers not patched in more than 30 days ago
    Lists servers acting as domain controllers that have not been updated for 30 days.
  • Active Directory Most Inactive Domain Users
    Lists user accounts in the Active Directory that have not logged on for more than 6 months.
ANALYSES – SECURITY
  • Disabled users that are logged in
    Lists user accounts that are logged in on a machine even though the account has been disabled.
  • User accounts not logged in for 3 months
    Lists user accounts that have not logged on in over 3 months. Shows both active and inactive user accounts. 
  • User accounts not logged in for 6 months
    Lists user accounts that have not logged on in over 6 months.
  • User accounts that do not require password
    Lists user accounts that do not need a password to authenticate.
  • User accounts that have been locked
    Lists user accounts that have been locked.
  • User accounts with an expired password
    Lists user accounts with an expired password.
  • User accounts with password that expire within 1 month
    Lists user accounts with passwords that will expire within one month
  • User accounts with passwords that do not expire
    Lists user accounts that do not have a password expiration date.
  • User accounts with remote access
    Lists user accounts that have remote access enabled.
  • Local administrator accounts named “administrator”
    Lists accounts named “administrator”. For security reasons these accounts should be named something else.
  • User accounts with a max password age longer than 90 days
    Lists all user accounts with a max password age longer than 90 days.
  • User accounts with recently changed password
    Lists user accounts that have recently had their password changed.
  • User accounts that must change password upon next login
    Lists user accounts that must change its password upon their next login.
ANALYSES – OPTIMIZATION
  • Directory machines not used in 6 months
    Lists directory machines that have not been logged on over the last 6 months.
  • Directory machines without a manager
    Lists directory machines that do not have a manager.
  • Disabled domain user accounts and OU
    Lists AD accounts that are disabled and not all in the same OU.
  • Unused organizational units
    Lists organizational units that neither have children, users, groups, nor computers.
  • User accounts not assigned to any group
    Lists user accounts that are not assigned to any group.
  • User accounts without a manager
    Lists user accounts that do not have a manager.
  • User groups without a manager
    Lists user groups that do not have a manager.
  • Unused user accounts
    Lists user accounts that have never been used to authenticate.
  • Unused group policies 
    Lists group policies that are neither applied on a system nor linked to any organizational units or domains.
  • Empty user groups in the active directory
    Lists user groups that don’t have any users, computers, or groups in them.
  • User accounts that do not expire
    Lists user accounts without an expiration date.
DASHBOARD

This pack also includes two dashboards.

  • Active Directory Optimization – Provides quick insights into the optimization analyses listed above.
  • Active Directory Security – For above mentioned security analyses.

You might also like

Sign up to get notified about new report packs.

By subscribing I allow InfraSight Labs to store and process my personal data according to Privacy Policy.