Know more about Active Directory Users and Computers

Know more about Active Directory Users and Computers

Active Directory Users and Computers is a Microsoft Management Console (MMC) which get’s installed when a server is promoted as a Domain Controller. However, you can use this console on members servers and clients by installing additional tools. Active Directory Users and Computers is a Microsoft Management console, through which we can do centralized management of objects like computers, users, and groups in Active Directory. Active Directory also contains information like security identifier and rights of these objects.

There are various operations that can be performed using AD Users and Computers. We can create, manage, edit and delete users, groups and computer accounts through Active Directory Users and Computers. AD Users and Computers console, also shows the information regarding Domain Controllers and computers added in the domain. It automatically gets installed while installing the role of Active Directory Domain Services. AD Users and Computers allow us to create a tree similar to our organization’s structure using Organizational Units (OU). OU is similar to a container, in which we can place users, computers, groups and other Organizational Unit. You can create OUs but you can’t create containers.

After the successful installation of the Active Directory Domain Services role and promoting a server to Domain Controller, we can open the console of Active Directory Users and Computers by typing “DSA.MSC” in the run console or by clicking on start button and then select Active Directory Uses and Computers. In the ADUC, we can see existing OUs and Containers. These containers and OUs are automatically created and contains information about the default Users, Groups and Computers. The first folder we see is “Saved Queries” under Active Directory Users and Computers. In saved queries, administrators can create new queries to search users, computers, OUs and others objects and save that searches for future use.

Let’s understand some of the default Containers and OUs created in Active Directory Users and Computers. Expand the name of domain i.e itingredients.com in this case. This information is critical not only from Administration purpose but also for interview prospective.

1. Builtin Container: It contains all the default groups of the domain like Administrators, Account operators, Backup operators, Network configuration operators and many other groups. These groups are helpful in providing administrative rights in different functional areas.

2. Computers Container: This container is the default container of all the computer objects in the domain, either member server or client computers. All the Computers that are added in the Domain create their account in this container.

3. Domain Controllers OU: By default all the domain controllers are listed here. Any new Domain Controller that is promoted in the environment would create the Computer account in this OU.

4. ForeignSecurityPrincipals: It is the default container of the SIDs (Security Identifiers) of the objects that belong to the trusted external domain.

5. Managed Service Accounts: It is the default container for managed service accounts.

6. Users: It is a default container of all the domain users and security groups like Cert Publishers, DHCP Administrators, DHCP Users, DNS Admins, Domain Admins and other security groups. All the domain users are created here by default.

In addition to that, you can create your own Organizational Units in which you can further create nested OUs, users, groups and Computers. It is very useful for efficient management of your environment.