Ensure all exMon users are enabled in Active Directory

Created by: Kristinn Magnusson

In this article, we will query to ensure all exMon users are enabled in Active Directory. You can utilise exMon Continuous Monitoring to ensure all your exMon users are active users in your corporate Active Directory.

Add Active Directory PowerShell support

To query Active Directory with PowerShell you will need to add the necessary support. Here you can find out how to configure it.

Configure the test

  1. Create a new Compare Query in exMon Data Governance by right-clicking the Tests folder
  2. In the left query select the PowerShell Data Provider and add the following PowerShell script:
    1. import-module activedirectory
      $exMonResult = Get-ADUser -Filter {Enabled -eq $false} | exMon-Out-DataTable
  3. In the right query select exMon Data Provider and add the following PowerShell script:
    1. declare @domain varchar(20)
      set @domain = 'EXPECTUS'

      select distinct
          substring(ad_name, len(@domain)+2, len(ad_name)) as ad_username
      from dbo.c_user
  4. Replace 'EXPECTUS' with your domain name
  5. In this query, we want to find all disabled users in your active directory. To do this, ensure that DS2 incl. DS1 is selected but DS1 incl. DS2 is deselected.

  6. Create a column mapping where the usernames are the keys and the name is an information column so it's easier to recognize the user.

  7. Configure exception manager and schedule as usual.

Running the Preview will show you the results:


Note: If you require assistance with this, please create a support ticket

Kristinn is the author of this solution article.