Active Directory (AD) is a directory service developed by Microsoft that provides centralized management of network resources such as users, computers, printers, and security groups within a domain-based network. It is designed to help IT administrators efficiently manage and secure an organization's network infrastructure by controlling user access, enforcing policies, and maintaining resource integrity.
At its core, AD acts as a centralized database where all information about network resources is stored, allowing administrators to organize access efficiently, and manage these resources through a single interface, streamlining IT operations across the enterprise.
With an AD integration, onboarding and offboarding of domain-based devices in UEMS becomes much easier. Once a domain is configured, you can import and manage all AD-linked devices from a centralized console. Also, UEMS can adjust its management scope automatically to reflect these changes as computers are added or removed from Active Directory.
Please refer to the following link for Agent installation methods using Active Directory: Agent Installation Methods.
AD integration also supports automatic creation of custom groups (Logical Structure Groups) based on AD Organizational Units (OUs) or other criteria. This simplifies the process of categorizing and managing domain-based devices dynamically to deploy the tasks as well as to provide them as scope for technicians. To know more about automatic Custom Group Creation, click here.
AD integration also supports AD user-based login to UEMS Server console. This allows the technicians to use a single password to access both AD resources and the UEMS server. Learn more about AD User Management.
AD integration also supports generating insights on AD components such as OU, Group, Domain, users, computers, and GPOs. Explore AD-based Reports.
The AD integration also allows technicians to use the same credentials to deploy tasks such as agent deployment, custom scripts, or software to the computers.
whenChanged
, whenCreated
, objectGUID
, Name
, distinguishedName
, etc. Additionally, for deleted object retrieval, ensure credentials have access to the AD recycle bin.set L
in Command Prompt to get the Domain Controller name (Logonserver = Domain Controller Name
).set U
to retrieve the Domain Name and AD Domain Name (Userdomain = Domain Name
, Userdnsdomain = AD Domain Name
)set L
and set U
commands) in the appropriate fields.AD resource information is synced according to a pre-configured schedule. Changes in sync frequency will affect domain, Scope of Management (SoM) policy, and Custom group functionalities.
Once a domain is added, you can manage it through the Actions menu.
Note: Changing the Domain type from Workgroup to AD will disable all other AD functionalities configured with this AD.
When changing the Active Directory to Workgroup, the DNS Suffix will be required. To find the DNS Suffix, enter ipconfig /all
in the command prompt and locate the data corresponding to Primary DNS Suffix.
For any issues during domain setup or synchronization, review your administrative credentials, access rights, and AD object permissions. Ensure proper configuration of sync frequency and domain connectivity to avoid disruptions. Kindly refer here for more steps.