This hands-on lab provides a Windows administrator with an understanding of how to accomplish administrative tasks for managing Active Directory users, using different tools within a Windows Server. You will become familiar with Active Directory Users and Computers (ADUC), the newer Activity Directory Administrative Center (ADAC), and using the Active Directory cmdlets within Windows. The skills learned in this lab are essential for someone pursuing a career path as a Windows System Administrator.
Understand the scenario
You are a Windows Server administrator, using a Windows Server 2016 domain controller, assigned to manage your organization's Active Directory Domain Services environment. You need to create new Active Directory user accounts and manage existing accounts. First, you will create new accounts. Next, you will delete accounts, and then you will manage inactive and disabled accounts. Finally, you will automate password resets. Because you are new to your role, you will use Active Directory Users and Computers, the Active Directory Administrative Center, and Windows PowerShell to perform these tasks. This will allow you to evaluate the benefits and drawbacks of each method.
Create and manage Active Directory user accounts by using Active Directory Users and Computers:
Active Directory Users and Computers (ADUC) is a Microsoft Management Console (MMC) snap-in that allows administrators to manage Active Directory objects, users, computers, groups, organizational units (OUs), and attributes. You will learn how to use ADUC to perform the administrative task of adding, removing, modifying properties, and disabling users to groups in your organization.
Create and manage Active Directory user accounts by using the Active Directory Administrative Center:
Active Directory Administrative Center (ADAC) is a newer method for managing Active Directory and provides a Graphical User Interface (GUI) on top of the Windows PowerShell. You will perform similar tasks in this lesson, to become familiar with ADAC and evaluate the differences between ADUC and ADAC. You will also learn tips and tricks about managing user accounts.
Create, manage, and enumerate Active Directory user accounts by using Windows PowerShell:
The AD module for PowerShell consolidates a group of cmdlets that can be used to manage your Active Directory domains. For this task, you will learn how to use Windows PowerShell to manage Active Directory. You will learn the PowerShell command syntax to create, delete, disable, and enumerate accounts.
Create Active Directory users from a .csv file by using PowerShell:
The Windows PowerShell Integrated Scripting Environment (ISE) is a host application for Windows PowerShell. With ISE, you can run commands and write, test, and debug scripts in a single Windows-based graphic user interface. For this task, you will use Windows PowerShell ISE to create AD users from a pre-compiled list of users.
Automate password resets by using PowerShell:
In this section, you will gain more experience using Windows PowerShell. You will learn the command-line syntax to perform administrative tasks of resetting passwords for users, unlocking accounts, and creating a PowerShell variable to convert a password to a secure string.
Lab Summary Conclusion:
In this hands-on virtual lab, you will learn several methods of managing Active Directory for a Windows Domain. You will gain experience using ADUC, ADAC, PowerShell, and PowerShell ISE, to perform the basic tasks of creating, deleting, enabling, disabling, and modifying users, adding users to groups, and securely managing user passwords. These skills are essential for someone pursuing a career as a Windows System Administrator.
Other Challenges in this series
- GUIDED CHALLENGE: Manage Active Directory Groups
- ADVANCED CHALLENGE: Can You Create and Manage Active Directory Users and Groups?