ASN AD Inactive Account Tracker (originally developed by Adsysnet as ASN Active Directory Inactive Account Tracker) is a specialized administrative utility designed to scan Active Directory domains, identify dormant or stale accounts, and generate compliance reports.
The following guide details how to install and configure this tool to secure your environment. Prerequisites & Requirements
Before installing, ensure the system meets these baseline criteria:
Operating System: Windows Server (2012 through 2022) or Windows ⁄11 desktop for remote administration.
Permissions: Domain User permissions are required for basic read-only reporting. Domain Admin or Account Operator permissions are necessary if you intend to modify, disable, or delete accounts directly through the tool.
Dependencies: .NET Framework 4.5 or higher and Active Directory Domain Services (AD DS) network connectivity. Step-by-Step Installation
Download the Installer: Obtain the ASN Active Directory Inactive Account Tracker setup file (.exe or .msi) from the developer website or an authorized enterprise software repository.
Execute Setup: Right-click the installer and select Run as administrator. Follow the Setup Wizard: Accept the End-User License Agreement (EULA).
Specify the installation path (the default directory is typically under C:\Program Files\Adsysnet</code>).
Complete Installation: Click Install, wait for the progress bar to finish, and click Finish. Check the box to launch the tracker application immediately. Initial Configuration
When you launch the software for the first time, you must point it to your domain infrastructure and define your inactivity policies. 1. Domain Connection
Target Domain: The tool automatically attempts to detect your current logged-in logon domain. If you are managing a separate forest or child domain, manually enter the fully qualified domain name (FQDN) (e.g., ://domain.com).
Authentication: Default to your current Windows credentials if you are logged in as an administrator. Otherwise, check the custom credentials box and input an alternate service account with sufficient AD read/write privileges. 2. Define Scanning Scopes
OU Filtering: Navigate to the domain tree browser and select the specific Organizational Units (OUs) you want to audit.
Exclusions: Exclude system mailboxes, built-in service accounts (e.g., KRBTGT), and service accounts that are intended to remain dormant for long periods to avoid false positives. 3. Establish Inactivity Criteria
Navigate to the Settings or Thresholds panel to define what constitutes a stale account: ASN AD Inactive Users Tracker 2.2.0.0 Free Download
Leave a Reply