Tips on what would be good indicators of a healthy active directory
Posted on 2011-09-07
Hi guys hope you are all well and can help.
Guys I would love your kind help on the following.
I have been tasked with identifying things that would be good candidates for reporting on with respect to ongoing health of our Active Directory.
So, for example, our team holds weekly meetings. In those meetings, we would like to share a report on key indicators of a healthy and secure AD environment. The idea of this is that we come up with a list of standards that we abide by to ensure the smooth running and operations of our AD. In our current environment, we have been running a bit hit and miss, reactive, and adhoc manner, which we wish to change by carving out a list of minimum standards that we regularly try and achieve. This is what this question is all about.....trying to get your guys input on what you guys deem as good standards to adopt.
1) Number of domain admins to be no more than x at any point in time
2) Only network printers to be published into AD, and not workstation-based printers
3) User account names to abide by naming convention, and exceptions to be noted.
If you guys can help me add to this list, that would be most greatly appreciated, as I can then hone in and customize for our own requirements.
Thanking you in advance.