Active Directory is a built-in service in Windows, that keeps track of user accounts. Lansweeper enables you to scan and keep track of your Active Directory users (AD Users).
All authentication of users and computers in a Windows network happens via the domain controller. This is the server running Active Directory Domain Services (AD DS). When an AD user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password to determine if the user is a system administrator or a regular user.
Active Directory is structured in OUs (Organization Units). This way, it is possible, for example, to put all users with the same privileges in one group. When you need to change permissions for users in this group, you can simply edit the whole group at once.
Scanned AD user information
Lansweeper can check the OUs stored in the Domain Controller to scan PCs and users. As Active Directory provides a framework for authentication and user and PC management, it is a useful data source for Lansweeper. The software integrates with AD in multiple ways:
- Users can log into Lansweeper with their AD account
- Lansweeper can use Active Scanning to scan computers listed in Active Directory
- Lansweeper scans the AD users. It's possible to do this on a schedule for an unlimited number of OU's.
This way, Lansweeper retrieves useful information on users and the groups they belong to. You can easily automate this using a schedule, so the data is refreshed automatically.
It is also possible to add additional users directly from Active Directory, even if they never log into a computer. Lansweeper allows you to find user accounts directly from Active Directory OUs.
Lansweeper comes with some built-in actions you can perform on users to manage their passwords. These include:
- Must change password when the user next logs in
- Allow or disallow the user to change the password
- Reset the password
- Unlock user account