Determining the Number of Enabled Active Directory User Accounts
Overview
To determine the number of enabled user accounts for Netwrix Auditor, it is important to understand that Netwrix Auditor is licensed per enabled Active Directory (AD) user.
What is an enabled AD user? An enabled AD user is an existing, enabled user account. Computer users, deleted users, group users, and disabled accounts do not constitute enabled AD users and are not factored into licensing.
Instructions
The number of enabled user accounts can be determined one of the following two ways:
-
Use the following link to download a special script: https://www.netwrix.com/download/products/vbs_script/countofusers.zip
- Save and unzip
countofusers.zipand run thecountofusers.vbsfile. - When prompted, enter your domain name. The script will return the number of enabled user accounts in the specified domain.
- Save and unzip
-
Execute the following steps:
-
Open the Active Directory Users and Computers snap-in.
-
Right-click the Saved Queries node and select New.
-
In the Name field, provide the name of the new query.
-
Specify the Query Root of the Organizational Unit you want to monitor (or the entire domain).
-
Click on Define Query.
-
Select Custom Search from the Find drop-down list.
-
Open the Advanced tab and paste in the following LDAP filter:
(&(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(name=HealthMailbox*))) -
Click OK to save the changes.
-
NOTE: By default, AD queries are limited to 10,000 results. To view more than 10,000 results, take the following steps:
- Start the MMC Group Policy Management snap-in.
- Locate the target domain, right-click the target policy and select Edit.
- Proceed to User Configuration > Policies > Administrative Templates > Desktop > Active Directory.
- Double-click the Maximum size of Active Directory searches setting.
- Select Enabled, and set the number (e.g., 30000).
- Click Apply > OK.
- Close the Group Policy Editor.