Today we will see a quick demo on Active Directory Management. It’s been years and we are still using Active Directory Management Console and over the time as your organization grows the management becomes a real challenge. Windows Server 2008 R2 introduces lot of new features related to Active Directory such as AD Recycle Bin and Active Directory Administrative Center.
Active Directory Administrative Center is the next generation management tool introduced in Windows Server 2008 R2. This tool is designed to ease the Active Directory management. We will now see how to make use of this Active Directory Administrative Center. By the way this tool powered by PowerShell that means we can make use of PowerShell cmdlets available for our disposal in order to manage the Active Directory.
I have a domain controller configured with woodgrovebank.com domain. Let’s start with the Active Directory Administrative Demo. In this demo we will see how we can easily search for the user and configure the account. This is easier than the typical way of managing.
Step 1: Go to Start menu, click Administrative Tools/Active Directory Administrative Center.
Step 2: In the Reset Password box, in the User name, type Woodgrovebankaviraj and then press TAB
Notice you will get the message “The password will be reset for woodgrovebankaviraj”
Step 3: Type the new password for this user and click on Apply. You will see the message saying password reset successfully.
Next, up let’s continue with the other demo for searching through the users’ properties using the Active Directory Administrative Center.
Step 1: In Active Directory Administrative Center left hand side pane, expand Woodgrovebank (local), click on the arrow and expand the OU and type In, you will see India OU then click on small arrow again and type Mum, you will see the OU starting with Mum and in this case it is Mumbai.
Step 2: Double click on the Mumbai OU, this will show the user Aviraj Ajgekar, which is currently disabled user account and you can see the brief summary about the same user. And in the right hand side, it will show the Tasks pane where you can perform certain actions related to that particular user.
Step 3: Double click on the above user Aviraj Ajgekar and you will be able to see all the properties related to this particular user.
You will see the properties such as Account, Organization, Member Of, Profile and Extensions details for this user.
Notice the Red Boxes numbered 1, 2, 3
Number 1: Sections talking about user details
Number 2: Close or Expand the certain section
Number 3: Add the sections as per the requirement
Step 4: Using the following you can add/remove the sections as per your requirements.
As we said Active Directory Administrative Center is powered by PowerShell, we will now use built in Active Directory PowerShell module to manage some of the useful tasks with the help of PowerShell cmdlets.
Go to start menu, click on Windows PowerShell ISE. This will launch PowerShell Integrated Scripting Environment for running PowerShell scripts.
Step 1: Type the following command to load the Active Directory Module for PowerShell
Step 2: Type the following command to List available Modules, this will show available module name: ActiveDirectory
Step 3: Type the following command to Display the commands related to Active Directory.
Get-Command –Module ActiveDirectory
Well, that’s all you need to kick off. Next command you can try on your own depending upon how and which commands you want to use.
Note: In this command you have to provide filter to get the user list. In this case Filter samAccountName –like “Aviraj”
That’s all from Active Directory Administrative Center using the built in MMC & using PowerShell ISE. You can make you of these cmdlets to easier your and managing your AD environment much more easily. For more info, scripts keep visiting Hey Scripting Guy’s blog.