Uncomplicated AD Object Management on a Remote Server Domain
By Allan Brennan
Windows Server comes with different tools, also known as MMC (Microsoft Management Consoles) for
managing the active directory. The most common of these tools is the Active Directory Users and
Computers (ADUC) snap-in which is used for daily management of users and computer objects. With this
MMC console, administrators can create, manage and delete user and computer accounts configured
with the directory structure. In order to access this console, you have to navigate through
Start menu to All Programs / Administrative Tools and ensure that you are logged into a domain
controller since only a DC contains this option.
The Under Administrative Tools menu there are other snap-in consoles as well, such as
the Active Directory Schema. Schema as we all know contains the attribute definitions of Active
Directory objects, but in order to accommodate new definitions in the pool of the already existing
ones, schema modification is required. Active directory schema MMC console is used for this
purpose, although such modifications take place at the forest functional level.
On the other hand, the active directory users and computers console is strictly a domain
level snap-in and does not allow you to work on the Active Directory at the forest level. With
this tool, you can only work on the Active Directory objects specific to a domain.
Furthermore, the domain which gets listed on the console is the one corresponding to the
domain controller on which you will be logged on to. In case you wish to manage a different domain,
say a remote domain for a different geographical location, you can take help of the Connect to
Domain command. This command lets you search the required domain or enter the domain IP address to access it.
However, this was the case for a remote domain. What if the domain controller itself
is situated at a different location? Well, active directory users and computers let you to
manage domains even if you are not logged in domain controller. ADUC can be easily accessed
from a member server by manually loading it on an MMC. This can be carried out by entering
the MMC command at the Run prompt of the server to load the console with the tool.
However, for this option, you must have a server at disposal. Otherwise it becomes necessary
to establish a Remote Desktop Protocol (RDP) session with one of the servers. This protocol
allows you to control server remotely, even a domain controller server. This way you can use
the ADUC console even from a remote domain controller.
These hassles can however be avoided with the use of Lepide Active Directory Management
and Reporting (LADMR) software. This AD management tool eliminates the need of MMC consoles
like ADUC or ADS as it provides a single interface for all kinds of tasks like creating, managing
and deleting user or computer accounts and viewing or modifying the AD schema.
Whether you have to manage objects on a remote domain or local, this software will provide
a single console tree where all the domains and their constituent objects can be viewed and
managed easily without worrying about RDP sessions or DC server login.
This article has been written by an award winning author who has written thousands of
articles and contributed to several books on general networking. The article talks about
Active Directory users and computers console
and how it can be used to manage remote domains.
More Windows Administration Information:
• CompTIA Security+ Made Easy
• Restrict Web Browsing With Internet Explorer
• Configure Vista's Data Execution Prevention
• Video - Microsoft Remote Desktop - Part Two
• Guide To Setting Up Dual Monitors
• Windows Event Logs for Maintaining or Troubleshooting Your PC
• Kill The Messenger (Service)
• Hands-On Microsoft Windows Server 2008 Administration
• SMART Disk Drives Warn You Before They Fail
• How to Share a Printer
| 
About BTH
User Agreement
Privacy
Site Map
Contact
News Feeds
RSS Feed
Follow @Stephen Bucaro
Windows Troubleshooting
