Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Networking basics: Part 11 - Active Directory Users and Computers Console
Brien M. Posey
In the previous parts of this series, I have shown you how to work with AD. In this section we will continue all that needs to be done for a network.
Windows Server 2003 has a number of other tools used for AD management. This AD management tool allows you to use most of the daily management tasks that are the Directory Users and Computers console. As the name implies, this tool is used to create, manage and delete user accounts and computers.
You can access this tool by clicking your server's Start button and from the Start menu to All Programs / Administrative Tools. Select Active Directory Users and Computers near the top of the Administrative Tools menu. You need to remember that only domain controllers have this option, so if you don't see the Active Directory Users and Computers command, you must log on to the domain controller.
Another thing that you have to note is that the Administrative Tools menu includes a couple of other AD tools: Active Directory Domains and Trusts and Active Directory Sites and Services. We will introduce these utilities in some of the following articles.
When you open the Active Directory Users and Computers section, you will see a screen like Figure A below. You can review from the previous sections in this series, AD has a forest, this forest consists of one or more domains. Although the forest represents an entire AD, the Active Directory Users and Computers control panel does not allow working with AD at the forest level. This interface is just a domain level tool. In fact, if you look at Figure A, you'll see that production.com is marked. Production.com is a domain on our network. All other items listed below are objects of AD domain for each domain.
Networking basics: Part 11 - Active Directory Users and Computers Console Picture 1
Figure A: The Active Directory Users and Computers interface allows managing individual domains
You can see that production.com is one of our network domains and there is no other domain listed in Figure A. That's because Active Directory Users and Computers only lists one domain at a time to keep the interface look neat. The domain is listed in the interface that corresponds to the domain controller that you are logged in to. For example, while writing this article, I logged into one of those domain controllers, production.com, so the Active Directory Users and Computers will connect to the production.com domain.
The problem is that these domains are often geographically dispersed. For example, large companies must have different domains for each company's office. If you're now in Miami, Florida and another part of the company presenting an office in Las Vegas, Nevada, it won't have to travel a great distance across the United States every time you need to manage a Las Vegas domain. .
Although the Active Directory Users and Computers default displays the domain associated with the domain controller that you are logged in to, it is still possible to use this interface to display any domain you have the right to manipulate. . All you need to do now is right-click the domain that is being displayed, then select the Connect to Domain command from the right-click menu. When you do so, there will be a screen displayed, which allows you to enter the domain name you want to connect to or click the Browse button and browse the domain.
When a domain is located far away, you can be very difficult to log in directly to the domain controller. For example, I worked in a number of offices in which domain controllers were placed in separate buildings or there were no favorable conditions for me to log in to the domain controller to perform security work. daily maintenance.
However, the good news is that there is no need to log in to the domain controller to access the Active Directory Users and Computers interface, just log in to the domain controller to access the Active Directory Users and Computers interface from Administrative Tools menu. You can access this interface as a member server by manually loading it into the Microsoft Management Console.
To do so, enter the MMC command into the server's RUN command window. When done, the server will open an empty Microsoft Management Console. Next, select the Add / Remove Snap-In command from the console's File menu. Windows will now open the Add / Remove Snap-In properties window. Click the Add button on the Standalone tab in the properties window, you will see a list of available snap-ins. Select the Active Directory Users and Computers option from the list of snap-ins and click Add , followed by Close and OK . The console will now be loaded.
In some cases, loading the interface in this way may cause an error. If you see an error and the interface does not allow domain management after right-clicking on Active Directory Users and Computers, select the Connect to Domain Controller command from the right-click menu. You can now connect the console to a domain controller without logging in to that domain controller. That way you will be able to manage the same domain as in the domain controller console.
The technique works if you have a server, but what if your workstation is using Windows Vista, and all servers are on the other side of the building.
One of the simplest solutions to solve this problem is to set up an RDP session for one of the servers. RDP is remote desktop protocol (Remote Desktop Protocol). This protocol will allow remote control of servers in your organization. In a Windows Server 2003 environment, you can enable a remote session by right-clicking My Computer and selecting the Properties command from the right-click menu. You will then see the system properties window. Go to the Remote tab and select the Enable Remote Desktop on this Computer checkbox (see Figure B).
Networking basics: Part 11 - Active Directory Users and Computers Console Picture 2
Figure B: Configure a server to support remote desktop connections (Remote Desktop)
To connect to the server from a Windows Vista machine, select the Remote Desktop Connection command from the All Programs / Accessories menu. When done, you will see the screen appear as shown in Figure C. Now enter your server name and click the Connect button to set up a remote session.
Networking basics: Part 11 - Active Directory Users and Computers Console Picture 3
Figure C: It is easier to connect to a remote server using Windows Vista
Conclude
In this article, I have explained about Active Directory Users and Computers. In it, we explained how to use this interface to manage remote domains. In Part 12, I will continue the discussion by showing you the other possibilities of this tool. Invite you to read.
David PacYou should read it
- Network basics: Part 13 - Creating groups
- Network basics: Part 12 - User account management
- Theory - What is Active Directory?
- Network basics: Part 9 - Information about Active Directory
- How to install Active Directory on Windows Server 2019
- DNS protection for Windows (Part 2)
- How to Enable Active Directory in Windows 10
- Restore deleted components in Active Directory
- Prevent deleting data in Windows Server 2003 Active Directory
- Instructions for installing Active Directory on Windows Server 2008
- Prepare Active Directory for Exchange 2007 (P.4)
- How to Back Up Active Directory in Windows
Maybe you are interested
Social network X changed its domain name to X.com
How IP Addresses and Domain Names Work Together
Configure Auto-Login for Windows 7 Domain or Workgroup PC
How to set up a custom email domain with iCloud Mail on iPhone
Microsoft will allow Domain Controllers to be allowed to have an internet connection
Cryptocurrency Insurance: This Domain Could Be a Big Industry in the Coming Futur
Working with Network Monitor (Part 3)
Network basics: Part 12 - User account management
4 tips for building better wireless networks
Deploy Data Protection Manager 2007 (Part 1)
Deploy Data Protection Manager 2007 (Part 2)
Network basics: Part 13 - Creating groups