Our IT Technician John shares his thoughts on keeping Active Directory tidy

Keeping Things Organized

When it comes to domains and organizations Active Directory is king. Active Directory is what organizes our Computers and Users within a domain and it authenticates and authorizes all devices and users to make them adhere to specified security policies. Active Directory is used mainly in corporate environments as a centralized location for credential/password management. It can also configure and control Domains and Trusts, Sites and Services, and is in essence the main authority in deciding how users and devices are identified. As Active Directory grows through the years some users and computers become old or unused and therefore still reside in Active Directory but are not actually being utilized. This isn’t as much of an issue for user accounts unless a John Smith quits and a new John Smith takes his place. This does however become a problem for new computers that need to be named the same thing. For example, if the marketing department gets rid of their old “Marketing-PC” and tries to replace it with a new “Marketing-PC” they will have to delete this entry from Active Directory beforehand so that there aren’t any conflictions. To proactively counter this issue a network admin should check often to make sure that Active Directory is clean and organized so that new user accounts or devices aren’t delayed in their deployment process because of basic housekeeping procedures. In my opinion, I would implement this clean-up procedure annually to not only make sure that Active Directory is organized but to also verify that it is functioning as required.

Leave a Comment