Active Directory Preferences Page

<< Click to Display Table of Contents >>

Active Directory Preferences Page

Active Directory (AD) allows you to automatically create Active Directory collections, as well as establish Active Directory Sync to add (and in certain cases, remove) computers to the PDQ Inventory database (Enterprise mode required for AD Sync).

Note: The Active Directory attribute dNSHostName is required to be configured for computers (including pre-staged) to be synced.

To access the Active Directory settings, click Options > Preferences (or press Ctrl+Comma) and select Active Directory in the Preferences window.

Options

Description

Create Active Directory Collections

Creates collections mirroring your Active Directory structure when at least one AD computer is added and scanned. Only OUs that contain computer objects (either directly, via child OUs, or Security Groups that contain computer objects) will display in PDQ Inventory.

This setting is selected by default but can be turned off if the containers are not relevant to your organization.

NOTE: If this setting is disabled after collections have been created, the collections will be deleted after the next computer scan.

Create Collections for Groups

Creates collections mirroring the structure of your Active Directory Groups when computers are added and scanned. (Enterprise mode is required to use this setting). Only Security Groups that contain computer objects (either directly or via inheritance) will display in PDQ Inventory.

Active Directory Sync

PDQ Inventory can be scheduled to automatically synchronize with Active Directory to capture changes in AD. It can add new computers to the PDQ Inventory database and to AD collections when they are added to Active Directory. The synchronization can be set up to include and exclude any number of individual containers or groups. (Enterprise mode required for Active Directory Sync).

IMPORTANT: PDQ Inventory never makes changes to Active Directory. All changes made within PDQ Inventory are done to the PDQ database.

For a demonstration of setting up and using Active Directory Sync, see the following video.

Video: Adding or Removing Computers Using Active Directory in PDQ Inventory

Adding or Removing Computers with AD Sync

(https://youtu.be/Fh4g3DWEiNk)

 

Auto Sync Enabled

Enables Active Directory Automatic Sync.

Sync Every

Sets how often PDQ Inventory automatically syncs with Active Directory. Set to one hour by default.

Delete Mode

The method used to delete computers from the PDQ Inventory database when they are removed from Active Directory.

NOTE: PDQ Inventory never deletes computers from Active Directory. All deletions are to the PDQ database.

 

Import Only

(no delete)

This will not delete any computers from the database during a sync. If a computer is deleted from Active Directory (or disabled), it will remain in PDQ Inventory until it is manually deleted. This is the default selection.

Mixed Sync

(do not delete computers not part of sync)

Deletes only those computers from the database that were in an Include Container and added to the database, but were later deleted from Active Directory. When a computer is moved to a container that is set to Exclude, the computer will be treated as though it were deleted from Active Directory and will be deleted from the PDQ Inventory database as well.

This option will not delete any computers from the database that were added manually (outside of AD Sync), these computers must be manually deleted. This setting is helpful for those organizations that have a mix of both AD and non-AD computers.

Full Sync

(delete all computers not part of sync)

Deletes all computers from the PDQ Inventory database that aren't in an Include Container, including computers that were added manually or via another source. Use this option to make PDQ Inventory mirror Active Directory exactly.

NOTE: Full Sync only takes into consideration the computers that are in containers that are set to Include. When a computer is moved to a container that is set to Exclude, the computer will be treated as though it were removed from Active Directory and will be deleted from the PDQ Inventory database as well.

IMPORTANT: This is a very strict setting. Do not use in mixed AD and non-AD environments.

Sync Disabled Computers

Sets whether to sync computers which are disabled in Active Directory (this is unchecked by default).

Containers to Sync

A list of the containers currently being synchronized. The list displays a checkmark whether or not the container is included, the container name, the user credentials for the sync, and whether or not its subtree (child container) is included.

NOTE: The yellow folder icon represents an included container. The white folder icon represents an excluded container.

 

Include Containers

Opens the Select Include Container window, where you can browse domains and select the containers (and any sub-trees using the Include Sub-Tree checkbox) to be included in the sync.

Exclude Containers

Opens the Select Exclude Container window, where you can browse domains and select the containers (and any sub-trees using the Include Sub-Tree checkbox) to be excluded from the sync.

Edit

Opens the AD Sync Container window for the selected container. This window allows you to change the type of container between Include and Exclude, change or edit the user credentials used to connect to Active Directory, as well as exclude the subtree.

NOTE: The AD Sync Container window allows the input of separate credentials based on the domain, forest, or container of the AD sync item. This is useful in multi-domain/multi-forest AD environments that may contain different administrative accounts at different levels of trust within Active Directory.

Delete

Deletes the selected container.

Sync Now

Syncs immediately with the selected containers instead of waiting for the next scheduled Sync.

NOTE: Additionally, from an elevated command prompt (cmd.exe run as Administrator), you start a sync with the PDQInventory ADSync -StartSync command.

Last Sync

The date and time of the last sync. This field is not visible until after the first successful sync.

Last Sync Status

The status of the last sync.

See also

Defining System Preferences

Adding Computers

 

 

 

© 2024 PDQ.com Corporation. All rights reserved.

PDQ.com is a trademark of PDQ.com Corporation. All other product and company names are the property of their respective owners.

Help Version: 19.3.538.0