Active Directory

Active Directory Users and Computers (ADUC)

active-directory-user and-computers-console

IT administrators have been working with Active Directory since the introduction of the technology in Windows 2000 Server. Windows 2000 Server was released on February 17, 2000, but many administrators began working with Active Directory earlier, when it was released to manufacturing (RTM) on December 15, 1999.

There are number of tools for Active Directory. The tool that we will cover today is Active Directory Users and Computers (ADUC), which was released with Windows 2000 Server.

Active Directory Users and Computers (ADUC) is a Microsoft Management Console snap-in that you use to administer Active Directory (AD). You can manage objects (users, computers), Organizational Units (OU), and attributes of each.

In addition to managing objects, ADUC can also manage domain operations. For example, you can use ADUC to raise the domain functional level or to transfer the RID, PDC Emulator, and Infrastructure FSMO roles to a different domain controller.

Active Directory Users and Computers (ADUC) is a common tool used by administrators in Active Directory AD to carry out everyday activities and much more. The following are some of the activities that an administrator may complete with the use of this MMC snap-in:

  • Create and manage Active Directory objects and their attributes, such as users, computers, groups, and contacts.
  • Create Organizational Units (OU), and move users and machines into and around them.
  • Delegate Group Policy management permissions to users.
  • In AD, define advanced security and auditing.
  • Manage FSMO roles like RID master, PDC Emulator, and Infrastructure master.
  • Raise the functional level of the domain.
  • Advanced feature settings that help with the management of the LostAndFound container, NTDS Quotas, Program Data, and System data.
  • Change passwords
  • Reset user accounts
  • Add users to security groups

How to Install Active Directory Users and Computers

The installation method for ADUC for Windows 10 1809 and later changes from the one for Windows 10 1803 and before. The following are the two methods for installing ADUC:

Installing Active Directory Users and Computers for Windows 1809 and higher

The deployment technique for ADUC for Windows 10 1809 and later changes from the one for Windows 10 1803 and before. The following are the two methods for installing ADUC:

Installing Active Directory Users and Computers for Windows 1803 and lower, and Windows 8

  1. Go to Start, select Settings, and then Apps.
  2. Click on Manage Optional Features
  3. In the new window, click on Add feature.
  4. Select RSAT: Active Directory Domain Services and Lightweight Directory Tools, and then click Install.

The ADUC console will be included in the installation of Active Directory Domain Services and Lightweight Directory Tools. Go to Start to confirm. Windows Administrative Tools will now be on the list.

Installing ADUC using the command line

If you have Windows 10 version 1809 or later, you may also install ADUC through the command line as follows:

  1. Click Start (or press Win+R). Type “cmd” and click Enter.
  2. Run following commands:
dism /online /enable-feature /featurename:RSATClient-Roles-AD
dism /online /enable-feature /featurename:RSATClient-Roles-AD-DS
dism /online /enable-feature /featurename:RSATClient-Roles-AD-DS-SnapIns

How to open Active Directory Users and Computers  

Several methods for opening Active Directory Users and Computers on a DC are as follows:

Using the RUN command

  • Go to Start, and click Run.
  • Type dsa.msc, and hit Enter.

Using the Start button

  • Go to Start → Administrative Tools → Active Directory Users and Computers.

ADUC Use

To open the ADUC console, choose Start, then Administrative Tools, and then Active Directory Users and Computers.

  • Choose the domain to which you wish to add the user, then expand its contents.
  • Right-click the container to which you wish to add a user (often Users), choose New, and then User.
  • Type the new user’s first name, last name and logon name. Then click Next.
  • Type and confirm a new password for the user. Make sure you enable one of the following options to control how the user must manage their password:
  • User must change password at next logon
  • User cannot change password
  • Password never expires
  • Account is disabled
  • Click Next.
  • Make sure everything you entered is correct and then click Finish.

Add a user to a group

  • Right-click the domain in which you want to add a user to the group and then select Find.
  • Select Users, Contacts, and Groups in the Find dropdown list.
  • Enter the name of the group you want to add the user to, click Find Now, select proper group in search results and click OK.
  • 4. Go to Action > Properties and select the Members
  • Click Add.
  •  Enter the name of the user to add to the group (if you specify multiple users, separate the names using semicolons), and then click Check Names. Alternatively, you can use Advanced button to search for the users one by one.
  • Select each of the users you want to add to the group, and then click OK.

Remove a user from a group

  • Right-click the domain from which you want to remove the user and then select
  • Select Users, Contacts, and Groups in the Find dropdown list.
  • Enter the name of the group you want to remove the user from and click Find Now.
  • Right-click the group and select Properties.
  • Go to the Members tab, highlight the user and click Remove.

Disable a user account

  • Select the user’s domain and expand its contents.
  • Right-click the user’s account. (To select multiple users, hold down the CTRL). Then click Disable Account.

Reset a user’s password

  • Navigate to the Users folder of the user’s domain.
  • Right-click the user’s name, choose All Tasks and select Reset Password.
  • Type a new password, type it again in the Confirm password box, and then click OK.

Move a user to another OU

  • Right-click Active Directory Users and Computers and select Connect to Domain.
  • Enter the name of the user’s domain and click OK.
  • Right-click the user and select Move.
  • Choose the container you want to move the user to and then click OK.

Change a user’s data

  • Right-click Active Directory Users and Computers and select Connect to Domain.
  • Enter the name of the user’s domain and click OK.
  • Right-click the user and select Properties.
  • Navigate to the tab containing the data you want to change, make your edits, and click

Other Tools in RSAT for Managing Active Directory

RSAT also comes with the following tools:

Active Directory Administration Center – Here is where you can control the AD trash can and password rules, as well as view your PowerShell history.
Install the Active Directory Module for Windows PowerShell to enable PowerShell cmdlets for AD administration.
Domains and Trusts in Active Directory — Manages functional level, forest functional level, user principal names (UPNs), and trust between forests and domains.
Sites and Services in Active Directory – Allows you to access and administer your sites and services.
ADSI Edit — Has some capabilities for managing AD objects, however most experts prefer that you use ADUC instead.

Frequently Asked Questions

  1. What ADUC is used for?

ADUC is a Microsoft Management Console (MMC) snap-in that enables administrators to manage Active Directory objects and their attributes. For example, they can:

  • Change passwords
  • Reset user accounts
  • Add users to security groups
  • Create and delete organizational units (OUs)
  • Handle FSMO roles like RID master, PDC Emulator and infrastructure master
  • Create and manage computers, groups and users and their attributes
  • Delegate control of objects
  • Define advanced security and auditing in AD
  1. How do I get Active Directory Users and Computers on Windows 10?

In Windows 10 version 1809 or higher, you can enable ADUC by going to Settings > Apps and Features > Optional features > Add a feature. In older versions of Windows, to get ADUC, you need to download and install the RSAT package manually.

  1. How do I install RSAT on Windows 10?

Starting with the October 2018 update to Windows 10, RSAT is included as a set of “Features on Demand,” so you don’t need to install it. You simply need to enable the specific RSAT tools you require by going to Settings > Apps and Features > Optional features > Add a feature.

 If you’re using an earlier version of Windows, you need to manually download and install RSAT.

  1. What is RSAT tool?

The Remote Server Administration Tool enables you to remotely manage Windows Server services and features from a Windows computer.

  1. What is included in Remote Server Administration Tools?

RSAT has a busload of tools, including ADUC, Active Directory Module for Windows PowerShell and Active Directory Administrative Center (ADAC).

So, that’s all in this blog. I will meet you soon with next stuff. Have a nice day!!!

Recommended content

RODC Installation Guide- Step by step guide to install read only domain controller

RODC Filtered Attribute Set

Installing and configuring a RODC in Windows Server-2012

How to find the GUID of Domain Controller

Understanding Group Policy Preferences

Group Policy Verification Tool GPOTool Exe

Group Policy Health Check on Specific Domain Controller

Netlogon Folder in Active Directory

Custom Attributes in Active Directory

Tombstone Lifetime of My Active Directory Forest

Computers AD Site From the Command Line

Active Directory Database Integrity

Disabling and Enabling the Outbound Replication

DFS Replication Service Stopped Replication

Strict Replication Consistency

The replication operation failed because of a schema mismatch between the servers involved

Troubleshooting ad replication error 8418 the replication operation failed because of a schema mismatch between the servers

Replication information in txt file

Repadmin Replsummary

Enabling the outbound replication

Guys please don’t forget to like and share the post. Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them.

You can also share the feedback on below windows techno email id.

If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

As you found this post useful...

Follow us on social media!

Was this article helpful?
YesNo

Vipan Kumar

He is an Active Directory Engineer. He has been working in IT industry for more than 10 years. He is dedicated and enthusiastic information technology expert who always ready to resolve any technical problem. If you guys need any further help on subject matters, feel free to contact us on admin@windowstechno.com Please subscribe our Facebook page as well website for latest article. https://www.facebook.com/windowstechno
Back to top button