ADSI Edit is like a double-edged sword. One side of ADSI Edit configures Active Directory properties,
whilst the other side teaches you about the operating system components.
My first question with any new utility is, 'Where does it come from?' In the case of ADSI Edit, you install it as part of Windows Server 2003's support tools. Once installed, I add ADSI
Edit
as a snap-in to my MMC along with Active Directory Users and Computers and the Exchange System Manager.
My second question is what does the acronym ADSI mean? The answer, Active Directory Service Interface, also gives a good description of the purpose of this utility.
Your main call for ADSI Edit is when TechNet directs you to adjust values in Active Directory. Once you launch ADSI Edit the next decision is to choose the context, Domain or Configuration, RootDSE
or schema.
Before considering the benefits of ADSI Edit, a
word of warning, when you use this interface the operating system does not check the validity of your values. For example, suppose you are configuring with the Exchange System Manager, if you enter
enter the letter o (oh) in a numeric field, then the interface will issue a warning and refuse the entry. However, with ADSI Edit there is no validation check and therefore you could enter values
that will cause unpredictable results.
Now for ADSI Edit in action. I have select examples for you to get the feel of how this utility interacts with Active Directory settings.
Guy Recommends: SolarWinds' Free Bulk Mailbox Import Tool
Import users, complete with mailbox from a spreadsheet. Just provide a list of the
users with the fields in the
top row, and save as .csv file. Then launch this FREE utility and match
your Exchange fields with AD's
attributes, click and import the users. Optionally, you can
provide the name of the OU where the new mailboxes will be born.
There are also two bonus tools in the free download, and all 3 have been approved by Microsoft:
Bulk-import new users and mailboxes into Active Directory.
When you restore the System State, be aware of the 60 day limit for your backup. What happens is that all objects older than 60 days get cleared up by the built-in garbage collection utility. As
a result any information that you restore, which is over 60 days old, will be deleted immediately. In other words you are wasting your time restoring Active Directory data older than 60 days - unless you edit tombstoneLifetime.
The only way to adjust this tombstoneLifetime parameter, is with ADSI Edit. Navigate to the Configuration container (not the Domain container). Next, expand CN=Services, CN=Windows NT and then
right-click Directory Service. Scroll down to tombstoneLifetime and set the value in days. For example if you backup is 87 days old, set the tombstoneLifetime value to 95. Now you will be able to restore the
System State without the operating system over-writing your backup.
Would you prefer to see names listed as Steve Redgrave, or Redgrave, Steve?
User-Display is a modification which reverses the order of firstname lastname. By default a user's name displays in the GAL as firstname lastname. You can see this order in both Active Directory Users and Computers
and in the Global Address Lists. Thanks to ADSI Edit, the user-Display attribute gives you control over the sequence of firstname and lastname.
Launch ADSI Edit and then
expand the Configuration Container (not the Domain Container). Next navigate to DisplaySpecifiers and select, CN=409. (This gives the sort order for US English.) The crucial property is
user-Display. right-click User-Display and select createDialog. When you user-Display, it not only affects Full Name in the GAL, but also the Display name field in Active Directory Users and Computers.
To have names displayed as Lastname, Firstname use this value: %<sn>, %<givenName> (Note the space between the two parts. Also note that givenName is case sensitive.)
Result would be Redgrave, Steve (changed from Steve Redgrave).
The legacyExchangeDN problem arises when you cannot move a mailbox from Exchange 5.5 to Exchange 2003. What happen is you receive this: Error code: '0x80020009'. Error description: 'There is no such object on the
server.'
The solution to the legacyExchangeDN error is to launch the ADSI Edit snap-in, expand Domain NC, expand DC=DomainName,DC=com, expand CN=Users, right-click the account of which cannot be moved, and then click Properties, select CN=UserName, select a
property to view, and then click legacyExchangeDN. Finally scroll down the list of attributes to msExchADCGlobalNames, and delete the text for that entry.
Monitor Your Network with the Real-time Traffic Analyzer
The main reason to monitor your network is to check that
your all your servers are available. If there is a network problem you
want an interface to show the scope of the problem at a glance.
Even when all servers and routers are available, sooner or later you will be curious to
know who, or what, is hogging your precious network's bandwidth. A GUI
showing the top 10 users makes interesting reading.
Another reason to monitor network traffic is to learn more about your
server's response times and the use of resources. To take the pain out of
capturing frames and analysing the raw data, Guy recommends that you download a copy of
the SolarWinds
free Real-time NetFlow Analyzer.
ADSI Edit, is well worth mastering. There are numerous Active Directory settings that you can only change through this utility. Take every opportunity to launch ADSI Edit and explore the
attributes in the domain and configuration containers of Active Directory.
If you like this page then please share it with your friends
The
extra features you get in your eBook include: 20 checklists to
plan your migration. Detailed instructions and advice on the best
strategy for your organization.
Lots of tips, recommendations and troubleshooting advice. Problem
solving section. Active Directory explained. Printer friendly
pages.
Here is a
free tool to monitor your Exchange Server.
Download the utility, then inspect your mail queues, monitor Exchange server's
memory, confirm there is enough disk space and check the CPU utilization.
The
extra features you get in your eBook include: 20 checklists to
plan your migration. Detailed instructions and advice on the best
strategy for your organization.
