DocumentationRelease Notes
Documentation

Use the BeyondTrust Management Console

You can use the console to perform the following tasks:

  • Run multiple instances of the console and point them at different domains.
  • Run the console with a different user account.
  • Upgrade your Active Directory schema.
  • Obtain status information about your Active Directory forests and domains.
  • Migrate Unix and Linux users and groups by importing passwd and group files and mapping the information to users and groups in Active Directory.
  • Remove orphaned objects.
  • Generate reports about users, groups, and computers.
  • Start Active Directory Users and Computers (ADUC), Cell Manager, and the Migration tool.

Start the BeyondTrust Management Console

Depending on the options chosen during installation, start the BeyondTrust Management Console by:

  • Double-clicking the BeyondTrust Management Console shortcut.
  • Clicking Start > All Programs > BeyondTrustAD Bridge > BeyondTrust Enterprise Console.
  • At the command prompt, executing the following command:
    cd %ProgramFiles%\BeyondTrust\PBIS\Enterprise\iConsole.bmc
    
    After you start the console, you can navigate to all other pages in the console, including the BeyondTrustAD Bridge Status page.

The BeyondTrustAD Bridge Status page displays the following information for the selected Active Directory forest. After you start the console, it may take a few moments to retrieve information about your domains.

  • BeyondTrustAD Bridge Version: The AD Bridge version and build number. BeyondTrust technical support personnel may ask you for this information when you contact them for assistance.
  • Cell count: Displays the number of cells that are associated with organizational units in the selected domain, including the Default Cell.
  • Mode: Directory Integrated, Schemaless (see note below), or ID Range. Directory Integrated indicates that the selected forest is using the RFC 2307-compliant schema. Schemaless indicates that it is not. ID Range defines a range available to the domain; it is configurable at the forest root, via GPO, or locally, using the config tool.
  • Licenses Installed: Indicates if valid product licenses are deployed.

ℹ️

Note

Schemaless mode is deprecated.

Connect to an Active Directory forest

If AD Bridge detects more than one Active Directory forest, it displays them on the AD Bridge Status page. Connect to a forest by double-clicking the forest name.

To connect to another domain:

  1. In the BeyondTrust Management Console tree, right-click the Enterprise Console node, and then click Connect to Domain.
  2. Enter the FQDN of the domain that you want to connect to.
  3. Enter the credentials of an Active Directory administrator.

Replication in a large forest or in multiple domains

When you set up AD Bridge in an environment with a large forest or multiple domains, it may take some time for the AD Bridge objects and the schema update to replicate to the rest of the domain.

Replication must complete before the domain and its child domains are fully enabled for AD Bridge. You will be unable to connect to a child domain until replication finishes.

Add a plug-in with the AD Bridge console

The console includes several plug-ins:

  • Access and Audit Reporting
  • Enterprise Database Management
  • Operations Dashboard.

To add a plug-in:

  1. In the console, on the File menu, click Add/Remove Plug-in.
  2. Click Add.
  3. Click the plug-in that you want, and then click Add.
  4. Click Close, and then click OK.

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.