cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

TomWechsler
MVP

‎Mar 24 2021 06:22 AM - edited ‎Aug 22 2023 07:40 AM

‎Mar 24 2021 06:22 AM - edited ‎Aug 22 2023 07:40 AM

Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

 

Hi Windows Active Directory Friends,

 

Wouldn't it be interesting to know what change there was in our Windows Active Directory? If there was a change, what exactly has changed since yesterday, for example? You can answer exactly such questions when you create snapshots with AD Explorer. You can then compare these snapshots.

 

(Attention, this snapshot is a kind of copy, but is not to be confused with a snapshot like you get from Hyper-V (for example) where you can go back to a previous state.)

 

How this works exactly, I will explain in this post. Let's go!

 

As a first step we organize the AD Explorer from Sysinternals. To do this, you can either navigate directly to the Live Internals page:
https://live.sysinternals.com/

 

or you go to the following URL:
https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer

 

I have stored the AD Explorer directly on my domain controller. This does not have to be the case, you can also store the AD Explorer on another system that is a member of the domain.

 

With a double click on the AD Explorer you get a first message. Confirm the EULA.

ADExplorer_1.JPG

 

Now we need to establish a connection with the domain controller. Specify the name of the DC, the account of the domain administrator and the password click OK.

ADExplorer_2.JPG

 

Now we are connected to the Active Directory. Navigate to File in the menu and select "Create Snapshot".

ADExplorer_3.JPG

 

Give the snapshot a name and specify the location and click OK.

ADExplorer_4.JPG

 

I placed the snapshot in the C:\Temp drive.

ADExplorer_5.JPG

 

Navigate back to the menu on File and select "Connect". But now select the following:
"Enter the path of the previous snapshot to load" and navigate to the location of your snapshot.

ADExplorer_6.JPG

 

The snapshot is now visible in AD Explorer.

ADExplorer_7.JPG

 

Now let's imagine a leap in time. A day later, you create another snapshot, just as you created
the first one. Load the second Snapshot into the tool along with the first Snapshot.

ADExplorer_8.JPG

 

Mark the first snapshot as in the picture above. Navigate to "Compare" in the menu and select "Compare Snapshot". At "Select an archive to compare to", find your second snapshot. Then click Compare.

ADExplorer_8b.JPG

 

Bingo! Now you know what has changed in Active Directory between one day.

ADExplorer_9.JPG

 

With this great tool from Windows Sysinternals Suite you can super manage and monitor your Windows Active Directory. I hope I could give you a little idea how to use AD Explorer among other things.

 

Thank you and kind regards, Tom Wechsler

15.6K Views
3 Likes
5 Replies
Reply
5 Replies
EdilbertoPrincipejr

‎Mar 26 2021 07:28 PM

‎Mar 26 2021 07:28 PM

Re: Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

Scenario: take a snapshot before you raise the forest/domain functional level, Can you use it to rollback from the previous functional level?
0 Likes
Reply
TomWechsler

‎Mar 26 2021 10:59 PM

‎Mar 26 2021 10:59 PM

Re: Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

An Active Directory snapshot and raise the forest/domain functional level are not directly related. Regards, Tom Wechsler
0 Likes
Reply

‎Apr 14 2021 02:42 AM

‎Apr 14 2021 02:42 AM

Re: Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

Hello. I'm very curious how manually taking so many steps affects security because the data write path is created, I would rather not use it because manual configuration is always a risk of error - not predictable, and the information obtained is basically not important and necessary! Thank you very much! .
0 Likes
Reply
Thomas Nielsen

‎Mar 14 2022 04:21 PM

‎Mar 14 2022 04:21 PM

Re: Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

Would it be possible to automate the snapshot creation to once pr day?
0 Likes
Reply
TomWechsler

‎Mar 14 2022 10:09 PM

‎Mar 14 2022 10:09 PM

Re: Create snapshots with Active Directory Explorer (AD Explorer) from Sysinternals

The term snapshot in this case refers to the Sysinternals terminology (more precisely to the AD Explorer tool). This snapshot is not comparable to checkpoints in Hyper-V or snapshots in VMWare. Kind regards, Tom Wechsler
0 Likes
Reply