Skip to main content

AD_CleanupProgress Job

The AD_CleanupProgress Job performs checks against Active Directory security best practices in order to proactively identify critical security configurations that leave Active Directory vulnerable to attack. The result is a report which provides a listing of findings by severity and category with corresponding details that can be used to prioritize and remediate security issues.

AD_CleanupProgress Job in the Jobs Tree

Workflow

Step 1 – Ensure the following prerequisites are met:

  • The .Active Directory Inventory Job Group needs to be successfully run prior to running this job

  • The following jobs from the Active Directory Solution must be run prior to running this job:

    • Active Directory > 1.Groups > AD_DuplicateGroups
    • Active Directory > 2.Users > AD_DirectMembership
    • Active Directory > 3.Computers > AD_StaleComputers

Step 2 – Schedule the AD_Cleanup Progress Job to run every day after the prerequisites have been satisfied.

Step 3 – Review the reports generated by the AD_CleanupProgress Job.

Analysis Tasks for the AD_CleanupProgress Job

Navigate to the Active Directory > Cleanup > AD_CleanupProgress > Configure node and select Analysis to view the analysis tasks.

warning

Do not modify or deselect the selected analysis task. The analysis task is preconfigured for this job.

Analysis Tasks for the AD_CleanupProgress Job

The default analysis task is:

  • Generates daily summary of AD exceptions – Creates the AD_CleanupProgress_DailySummary table accessible under the job’s Results node

In addition to the table created by the analysis task, the AD_CleanupProgress Job produces the following pre-configured reports.

ReportDescriptionDefault TagsReport Elements
Computer Cleanup SummaryThis report tracks Active Directory computer exceptions over time.NoneThis report is comprised of two elements:
  • Line Chart – Displays a daily computer exceptions trend
  • Table – Provides details on daily computer exceptions
Group Cleanup SummaryThis report tracks Active Directory group exceptions over time.NoneThis report is comprised of two elements:
  • Line Chart – Displays a daily group exceptions trend
  • Table – Provides details on daily group exceptions
User Cleanup SummaryThis report tracks Active Directory user exceptions over time.NoneThis report is comprised of two elements:
  • Line Chart – Displays a daily user exceptions trend
  • Table – Provides details on daily user exceptions