zaro

How to Install and Use Active Directory Users and Computers (ADUC)?

Published in Active Directory Management 4 mins read

Active Directory Users and Computers (ADUC) is a fundamental administrative tool for managing objects within an Active Directory domain. It's not a standalone application that you "download" in the traditional sense, but rather a management console that you install as part of the Remote Server Administration Tools (RSAT) on Windows client operating systems (like Windows 10 or 11) or server operating systems. Once installed, ADUC allows administrators to create, modify, delete, and manage users, computers, groups, organizational units (OUs), and other Active Directory objects.

Installing Active Directory Users and Computers (ADUC)

To effectively manage an Active Directory environment from your workstation, you need to install the ADUC snap-in. This is typically done through the Optional Features settings on modern Windows client versions.

Prerequisites

  • Operating System: Windows 10 version 1809 or above, or Windows 11.
  • User Permissions: Local administrator privileges on the workstation where you intend to install ADUC.
  • Internet Connection: Required for Windows to download the necessary components if they are not already cached.

Step-by-Step Installation on Windows 10/11

Follow these simple steps to install the Active Directory Users and Computers tool:

  1. Click the Start menu and then navigate to Settings > Apps.
  2. In the Apps settings, click on Optional Features.
  3. Click Add a feature at the top of the Optional features list.
  4. Scroll through the list of available features and locate RSAT: Active Directory Domain Services and Lightweight Directory Services Tools.
  5. Select this feature and then click Install.

Windows will then download and install the necessary components. Once the installation is complete, you can find the Active Directory Users and Computers console under Windows Administrative Tools in your Start menu.

Alternative Installation Methods

While the graphical user interface (GUI) method is straightforward, administrators might also use other methods for installation, particularly in automated or large-scale deployments:

  • PowerShell: For scripting and automation, PowerShell commands can be used to install RSAT components. For example, Add-WindowsCapability -Online -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0 can install the AD DS and LDS Tools.
  • Group Policy or SCCM: In enterprise environments, IT departments can deploy RSAT tools using Group Policy or management tools like Microsoft System Center Configuration Manager (SCCM).

What is Active Directory Users and Computers (ADUC) Used For?

ADUC is the primary graphical tool for day-to-day Active Directory administration. It provides a hierarchical view of your domain and its objects, allowing for intuitive management.

Key Management Tasks with ADUC

Administrators frequently use ADUC to perform a wide range of tasks, including:

  • User Account Management:
    • Creating new user accounts.
    • Resetting user passwords.
    • Enabling or disabling user accounts.
    • Modifying user properties (e.g., department, phone number, logon hours).
    • Moving user accounts between Organizational Units (OUs).
  • Group Management:
    • Creating new security and distribution groups.
    • Adding or removing members from groups.
    • Changing group scope (e.g., Global, Domain Local, Universal).
  • Computer Account Management:
    • Viewing joined computer accounts.
    • Disabling or deleting computer accounts.
    • Resetting computer accounts for re-joining the domain.
  • Organizational Unit (OU) Management:
    • Creating a logical structure within the domain by creating new OUs.
    • Moving objects (users, computers, groups, other OUs) between OUs.
    • Delegating administrative control over specific OUs.
  • Shared Resources Management:
    • Managing shared folders and printers published in Active Directory.

Best Practices for Using ADUC

To ensure efficient and secure Active Directory management:

  • Run as Administrator: Always launch ADUC with administrative privileges.
  • Connect to Specific Domain Controllers: If managing a multi-domain controller environment, ensure you are connected to the desired domain controller (right-click "Active Directory Users and Computers" at the root of the console and select "Change Domain Controller...").
  • Understand OU Structure: A well-designed OU structure is crucial for effective management and applying Group Policies.
  • Regular Backups: While ADUC itself doesn't perform backups, regular Active Directory backups are essential for disaster recovery.

By understanding how to install and effectively use Active Directory Users and Computers, administrators can maintain a healthy and organized Active Directory environment.

← Previous Article
What is the best starting class in Enshrouded?
Next Article →
What Does G.I. Joe Stand For?