Because the Active Directory is a part of the core Windows 2000 operating system, it's easy to take it for granted. After all, the Active Directory quietly works in the background, servicing the needs of your enterprise. You hardly ever hear so much as a peep out of it, unless there's a major problem. Of course, we all know that the worst time to find out about a major problem is after the damage has been done. Fortunately, there are some ways to occasionally check your Active Directory's health and make any necessary adjustments before a major problem develops. In this article series, I'll share these techniques with you.
In this article, I'll discuss some of the Active Directory support tools that are available to you. You can use these tools to diagnose and correct a variety of problems. Later in the series, I'll explain how to use some performance monitoring techniques to pick up on more subtle signs of a developing problem.
Installing the Active Directory Support Tools
The basic Windows 2000 installation doesn't include the Active Directory support tools. Instead, these tools are kept on the Windows 2000 installation CD until you manually install them. Installing the support tools requires a little over 18 MB of hard disk space.
To install the Active Directory support tools, log in as an administrator and insert your Windows 2000 installation CD. When you see the Windows 2000 splash screen, select the Browse This CD option. When the browse window opens, navigate through the CD's directory to the \SUPPORT\TOOLS directory. Next, run the SETUP.EXE program.
When the Setup program completes, the support tools will be added to the Start menu under Start | Programs | Windows 2000 Support Tools | Tools. As you look at the menu options, keep in mind that they aren't totally representative of your Active Directory diagnostic capabilities. As you've probably noticed, some tools on the menu (such as Disk Probe) have absolutely nothing to do with the Active Directory. Other Active Directory tools aren't accessible through the menu.
Now that you've installed the Active Directory support tools, let's begin looking at some of the individual tools.
Active Directory Administration Tool
As you may know, the Active Directory is Lightweight Directory Access Protocol (LDAP) based. The Active Directory Administration tool is nothing more than an LDAP tool. It allows the Administrator to perform basic LDAP functions on any LDAP directory. These functions may include such things as adding, deleting, searching for, or modifying objects.
When you first load the Active Directory Administration tool, you're greeted with an empty window. To begin using the tool, select the Connect option from the Connection menu. When you do, you'll be asked to supply some basic information, such as the name of the server and the LDAP port number. Once you've entered this information, there will be a brief delay while the Active Directory Administration tool connects to the server. When the connection has been made, you'll see a summary of the server's Active Directory status, as shown in Figure 1.
As you can see in the figure, the Active Directory Administration tool contains several menus. Each menu contains options you can use for interacting with the Active Directory, such as Search, Browse, Add, and Delete. Most of the menu options are self-explanatory.