The Active Directory Administrative Center
The Active Directory Administrative Center (ADAC) is a new
tool with which you can administer Active Directory. Unlike the legacy
Active Directory Users And Computers snap-in, which continues to be
supported, ADAC was built as a graphical interface on top of
Windows PowerShell. When you perform a task with ADAC, you are running
one or more Windows PowerShell cmdlets or scripts behind the
scenes.
ADAC is available only on Windows Server 2008 R2 and on Windows
7. You cannot add ADAC to computers running earlier versions of
Windows. ADAC is added by default when you promote a Windows Server
2008 R2 domain controller. You can add ADAC as a feature by using
Server Manager, and you can add ADAC to a computer running Enterprise,
Professional, or Ultimate editions of Windows 7 after installing
RSAT.
ADAC appears in the Administrative Tools program group. When you
open ADAC, shown in Figure 3, you will notice
that ADAC is task focused. You can immediately reset a user’s password or search for an object. This is in
contrast to Active Directory Users And Computers, which is data focused and therefore
requires you to locate an object in the hierarchy of the directory
service before you can perform a task.
You can remove a content panel by clicking the X icon in the
upper-right corner of the panel. For example, you can remove the
Getting Started panel after you have acclimated to ADAC. To add a content panel, click Add
Content.
ADAC provides a view of the domain hierarchy, similar to the view shown in
Active Directory Users And Computers. Click the second
tab (Tree View) in the navigation panel. The default view in the
navigation panel, shown in Figure 3, is the List View
tab.
Typically, an administrator focuses on objects in a subset of
OUs in the domain—for example, the User Accounts and Client Computers
OUs. You can add shortcuts to the OUs that you regularly access to the
navigation panel by clicking Add Navigation Nodes. A navigation node
is simply a shortcut. It appears on both the List View and Tree View
tabs. You can rename, reorder, or remove navigation nodes in ADAC, but
the underlying OU is not changed.
In the list view, click one of the navigation nodes to navigate
the hierarchy of OUs beneath that node. Child nodes expand in a manner
similar to the Windows Start menu. The list view shows the last three
nodes to which you have navigated at the bottom of the list, as a
most-recently used (MRU) list. Finally, at the top of ADAC is a
breadcrumb bar that behaves similarly to the Windows Explorer
breadcrumb bar. You can navigate the hierarchy of your domains by clicking breadcrumb elements, or you can
specify a container to which to navigate by using an LDAP path, a
distinguished name, or a hierarchical path.
When you select an object, a summary of object properties
appears in the Summary panel, and common tasks appear in the Tasks
panel. In Figure 4, the user
account for April Stewart is selected.
To open an object in ADAC, double-click the object or click the Properties
link in the Tasks panel. The properties page of an object is
completely different than in Active Directory Users And Computers. An example is
shown in Figure 5.
Click Tasks to perform common administrative tasks. Properties
are shown in a single, long page. Shortcuts to sections that contain
related properties appear on the left panel of the page. Click Add
Sections to add or remove sections. The last section on the page,
Extensions, shows the familiar tabbed interface of Active Directory Users And Computers through which you
can access properties that are not shown elsewhere on the page.
When you need to find one or more objects, click Global Search in the left navigation panel. You can
search based on preset examples, including Users With
Enabled But Locked Accounts and Users With A Password Expiring In A
Given Number Of Days, or you can build a search based on custom
criteria. Click Convert To LDAP to fine-tune the query using LDAP
syntax.
In the Normal view of the query, click Save to save your query
for later reuse. Click Queries to open a previously saved
query.
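The two preset searches named above can also be run directly from the Active Directory module. This is an added example, not code from the original text, and the LDAP filter is one way to express the criteria rather than the string ADAC generates. The function names, the 14-day default, and the contoso.com search base are assumptions.

```powershell
# Added example; requires the ActiveDirectory module and a reachable domain controller.
Import-Module ActiveDirectory

# Users With Enabled But Locked Accounts
function Get-LockedEnabledUser {
    Search-ADAccount -LockedOut -UsersOnly |
        Where-Object { $_.Enabled } |
        Select-Object Name, SamAccountName, DistinguishedName
}

# Users With A Password Expiring In A Given Number Of Days
function Get-ExpiringPasswordUser {
    param(
        [int]$Days = 14,                           # assumed default window
        [string]$SearchBase = 'dc=contoso,dc=com'  # domain used in this chapter
    )
    $now    = (Get-Date).ToFileTime()
    $cutoff = (Get-Date).AddDays($Days).ToFileTime()

    # userAccountControl bits tested with the bitwise-AND matching rule:
    #   2     = ACCOUNTDISABLE       (excluded)
    #   65536 = DONT_EXPIRE_PASSWORD (excluded)
    $filter = '(&(objectCategory=person)(objectClass=user)' +
              '(!(userAccountControl:1.2.840.113556.1.4.803:=2))' +
              '(!(userAccountControl:1.2.840.113556.1.4.803:=65536)))'

    Get-ADUser -SearchBase $SearchBase -LDAPFilter $filter `
               -Properties 'msDS-UserPasswordExpiryTimeComputed' |
        Where-Object {
            # The computed value is 0 when the password must change at next logon
            # and Int64.MaxValue when it never expires; both fall outside the window.
            $t = $_.'msDS-UserPasswordExpiryTimeComputed'
            $t -gt $now -and $t -le $cutoff
        } |
        Select-Object Name, SamAccountName,
            @{ n = 'PasswordExpires'
               e = { [DateTime]::FromFileTime($_.'msDS-UserPasswordExpiryTimeComputed') } } |
        Sort-Object PasswordExpires
}

Get-LockedEnabledUser
Get-ExpiringPasswordUser -Days 7
```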
ADAC provides innovative ways to navigate, search, and
administer your domain. Spend some time experimenting with this
effective new interface.
Practice Creating Users with Windows PowerShell
In this practice, you explore Windows PowerShell and use it
to create user accounts. To perform the exercises in this
practice, you must have performed the Practice in Lesson
1.
EXERCISE 1 Use Commands and cmdlets in Windows PowerShell
In this exercise, you start Windows PowerShell and use commands with which you are already familiar.
- Log on to SERVER01 as CONTOSO\Administrator.
- Click Start, type powershell.exe, and then press Enter.
- In the Windows PowerShell console, type dir, and then press Enter.
- Identify the cmdlet for which dir is an alias. Type Get-Alias dir, and then press Enter.
  Question: For which cmdlet is dir an alias?
  Answer: Get-ChildItem.
- Type ipconfig /all, and then press Enter.
- Type cls, and then press Enter.
- Type Get-Help New-ADUser, and then press Enter.
  An error message appears. The New-ADUser cmdlet is not available because the Active Directory Module For PowerShell is not loaded.
- Type Import-Module ActiveDirectory, and then press Enter.
- Type Get-Help New-ADUser, and then press Enter.
  The Active Directory cmdlets and provider are now available.
- Close Windows PowerShell.
- Open Active Directory Module For Windows PowerShell from the Administrative Tools program group.
- Type Get-Help New-ADUser, and then press Enter.
  The Active Directory cmdlets and provider are immediately available because the Active Directory module is loaded by default.
EXERCISE 2 Identify and Explore a Windows PowerShell Cmdlet
In this exercise, you identify the command needed to create a new user and explore its built-in documentation.
- List the Windows PowerShell cmdlets for Active Directory.
  Type the following command, and then press Enter:
    Get-Command -Module ActiveDirectory
  Alternately, type the following command, and then press Enter:
    Get-Command -Noun AD*
- List the cmdlets that perform tasks related to users in Active Directory.
  Type the following command, and then press Enter:
    Get-Command -Noun AD*User*
  Question: Which cmdlet deletes a user?
  Answer: Remove-ADUser.
- Display the summary Help documentation for the cmdlet.
  Type the following command, and then press Enter:
    Get-Help New-ADUser
- Display usage examples for the cmdlet.
  Type the following command, and then press Enter:
    Get-Help New-ADUser -examples
  Tip: You can press the Up Arrow key to select the previously entered command, and then type the additional parameter.
- Display detailed Help for the cmdlet.
  Type the following command, and then press Enter:
    Get-Help New-ADUser -detailed
EXERCISE 3 Create an Organizational Unit Using New-ADOrganizationalUnit
In this exercise, you create a new OU called Employees in the User Accounts OU.
- Type the following command on one line, and then press Enter:
    New-ADOrganizationalUnit -Name Employees -Path "ou=User Accounts,dc=contoso,dc=com" -ProtectedFromAccidentalDeletion $true
EXERCISE 4 Navigate Active Directory Using the Active Directory PSDrive
In this exercise, you navigate Active Directory using commands that are familiar to you from your experience navigating file systems in Command Prompt.
- Type cd AD:, and then press Enter.
- Type cd "dc=contoso,dc=com", and then press Enter.
- Type cd "ou=User Accounts", and then press Enter.
- Type md "ou=Contractors", and then press Enter.
- Type the following command to create an OU called New Hires in the User Accounts OU:
    New-Item -Name "ou=New Hires" -ItemType organizationalUnit
- Type dir, and then press Enter.
- Type cd c:, and then press Enter.
- Open Active Directory Users And Computers. Navigate to the User Accounts OU and confirm that the Employees, Contractors, and New Hires OUs were created.
EXERCISE 5 Create Users with Windows PowerShell
In this exercise, you use Windows PowerShell to create users in Active Directory. You then modify attributes of one of the users.
- In Active Directory Module For Windows PowerShell, type the following command on one line, and then press Enter:
    New-ADUser -Path "ou=User Accounts,dc=contoso,dc=com" -Name "Mike Danseglio" -SAMAccountName "mike.danseglio" -UserPrincipalName "mike.danseglio@contoso.com"
- Type the following two commands, on one line each, and then press Enter:
    New-ADUser -Path "ou=User Accounts,dc=contoso,dc=com" -Name "Linda Mitchell" -SAMAccountName "linda.mitchell" -UserPrincipalName "linda.mitchell@contoso.com"
    New-ADUser -Path "ou=User Accounts,dc=contoso,dc=com" -Name "Scott Mitchell" -SAMAccountName "scott.mitchell" -UserPrincipalName "scott.mitchell@contoso.com"
- Create a user with additional attributes. Type the following command on one line, and then press Enter.
    New-ADUser -Path "ou=User Accounts,dc=contoso,dc=com" -Name "Mary North" -SAMAccountName "mary.north" -UserPrincipalName "mary.north@contoso.com" -EmailAddress "mary.north@contoso.com" -GivenName "Mary" -Surname "North" -Description "Sales Representative in Australia" -Company "Contoso, Ltd." -Department "Sales" -Office "Sydney" -AccountPassword (ConvertTo-SecureString -AsPlainText 'Pa$$w0rd' -Force) -ChangePasswordAtLogon $true -Enabled $true
- Switch to Active Directory Users And Computers. Refresh the view of the User Accounts OU. Open the properties of the user accounts you just created, and confirm that the attributes you specified were configured as expected.
  Notice that the user accounts for Linda Mitchell and Scott Mitchell are disabled. They cannot be enabled until a password has been specified. Reset the password of each account, but do not enable the accounts at this time. You will enable the accounts in the practice in Lesson 3.
- Switch to Active Directory Module For Windows PowerShell.
- Type the following commands:
    $user = Get-ADUser "mary.north"
    Set-ADUser $user -EmployeeNumber 12345
- Type the following command, and then press Enter:
    Get-ADUser "mary.north" | Set-ADUser -DisplayName "North, Mary"
- Type the following command, and then press Enter:
    Get-ADUser "mary.north" -Properties *
  By default, the Get-ADUser cmdlet returns only a few of the most commonly used attributes. You can specify the properties to return by using the -Properties parameter. An asterisk (*) returns all properties.
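The same New-ADUser parameters can be used to create several accounts without putting the initial password on the command line. This is an added example, not part of the original exercise; it assumes the Employees OU from Exercise 3 exists, and the account names and departments in the inline list are constructed sample data.

```powershell
# Added example; requires the ActiveDirectory module. Sample users are constructed.
Import-Module ActiveDirectory

$ou     = 'ou=Employees,ou=User Accounts,dc=contoso,dc=com'  # OU from Exercise 3
$domain = 'contoso.com'

# Constructed sample input; in practice this would come from Import-Csv.
$newUsers = @'
GivenName,Surname,Department
Test,UserOne,Sales
Test,UserTwo,Marketing
'@ | ConvertFrom-Csv

# Prompt once so the initial password never appears on the command line,
# in console history, or in a script file.
$initial = Read-Host -Prompt 'Initial password for new accounts' -AsSecureString

foreach ($u in $newUsers) {
    $sam = ('{0}.{1}' -f $u.GivenName, $u.Surname).ToLower()

    # sAMAccountName is limited to 20 characters for user accounts.
    if ($sam.Length -gt 20) {
        Write-Warning "$sam exceeds 20 characters; skipped"
        continue
    }
    # Skip accounts that already exist instead of failing partway through.
    if (Get-ADUser -LDAPFilter "(sAMAccountName=$sam)") {
        Write-Warning "$sam already exists; skipped"
        continue
    }

    # A password is supplied, so the account can be enabled at creation,
    # and the user is forced to replace the shared initial password.
    New-ADUser -Path $ou -Name "$($u.GivenName) $($u.Surname)" `
        -GivenName $u.GivenName -Surname $u.Surname -Department $u.Department `
        -SamAccountName $sam -UserPrincipalName "$sam@$domain" `
        -AccountPassword $initial -ChangePasswordAtLogon $true -Enabled $true
}

# Verify the result: pwdLastSet = 0 means "must change password at next logon".
Get-ADUser -SearchBase $ou -Filter * -Properties pwdLastSet, Department |
    Select-Object SamAccountName, Enabled, Department,
        @{ n = 'MustChangePassword'; e = { $_.pwdLastSet -eq 0 } }
```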