RCP Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.

No Scripting Required

ADtoolkit enables anyone to perform Active Directory group edits.

I'm not a scripter. If I was, I'd be performing feats of magic on a regular basis, like adding and deleting users, changing parameters and modifying Active Directory. But I'm not a scripter, which is a bit of a problem, because I really want and need to be able to do those things.

Enter Javelina's ADtoolkit 3.0 (formerly called Javelina ADvantage). As I see it, ADtoolkit 3.0 does what a savvy AD scripting guru would do. It also packs a bunch of useful bulk AD operation features into one powerful utility.

Documentation 10%
Installation 10%
Feature Set 40%
Performance 30%
Management 10%
Overall Rating:

1: Virtually inoperable or nonexistent
5: Average, performs adequately
10: Exceptional

Group Therapy
ADtoolkit is easy to navigate and use. It provides a list of available directory objects—Users, Groups, Contacts, Computers, Files and Shares and Directory Tools—from which you can choose a group to bulk edit.

After you've chosen a group to edit (I've selected Users in Figure 1), choose the action you wish to perform—Add, Modify, Delete, Reports, Reset Passwords and Search and Replace. Once you've selected the action, you can then import only those users you need to update or edit. You can do this with the Select Users option (that will let you select an entire domain or any specific AD organizational unit) or with the Import Users button.

Once you've imported a group of users, you'll see the users who will be affected by your global edits laid out in a grid. This can get a bit confusing if you don't have any previous experience working with AD groups.

Note the tabs going horizontally across the screen in Figure 1. Each of those tabs represents a category of features you can modify. Modifying information inside any tab affects all users in the grid. You can also change a specific property for a specific user in the grid, thereby affecting only that user. Options entered in the grid overwrite options in the tabs. For example, you can grant a certain level of access to all users in a grid, but provide greater access to those within the group who are managers. You would apply the group's access using the tabs, then increase the manager's access within the grid.

Figure 1. Javelina ADtoolkit
Figure 1. Choose the list or lists of users you need to modify, then the action you need to perform. (Click image to view larger version.)

Once you have your edits ready to go, run a simulation to determine precisely what will happen when you hit the "go" button. ADtoolkit generates a clear report to describe which users (or whatever the target of your group edits is) will be affected and what will happen. This simulation report is a nice touch, considering that, if you made one false move at this point having already made a series of global changes, you could bulk-change your way right out of a job.

ADtoolkit also lets you call out exceptions on access control lists stored on file servers and/or in AD. Under normal circumstances, for example, after you delete a user from AD, you can still see "Account Unknown" signifiers all over AD and the file system to which that user previously had access. ADtoolkit lets you quickly detect and clean up those stale entries. Look under the Files & Shares menu to clean up the file system, and Directory Tools to clean up AD.

Knowledge Is Power
The user interface design is good if you know what you're doing. A step-by-step, Wizard-driven interface would be welcome, in addition to its current "free-form" approach. It does help to have a bit of AD background or experience to navigate the interface, but it's not essential.

If you need a way to bulk-edit your AD groups, it would be well worth your while to take ADtoolkit out for a test drive.