Manage Active Directory Accounts Part 1

Practice Labs Module
Time
57 minutes
Difficulty
Intermediate

The "Manage Active Directory Accounts Part 1" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Configuring Delegated Administration of OUs, Managing User Accounts.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Overview

Introduction

The Manage Active Directory Accounts Part 1 module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Configuring Delegated Administration of OUs
  • Managing User Accounts

Lab Time: It will take approximately 1 hour to complete the exercises in this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Delegate the creation and management of Active Directory groups and OUs
  • Automate creation of AD accounts: create copy, configure and work with templates
  • Perform bulk Active Directory operations

Exercise 1 - Configuring Delegated Administration of OUs

The assignment of administrative roles to trusted personnel or security groups in an Active Directory Domain is simplified with the use delegation control wizard. Using admin programs such as Active Directory Users and Computers, the administrator can grant a group the permission to manage objects like users, groups, organizational units with specific tasks like resetting user passwords, creating groups the modifying their membership, create child organizational unit among others.

Exercise 2 - Managing User Accounts

The Active Directory Administrator is responsible for managing all aspects of the domain that includes the users, groups and computers accounts in the domain. Creating, modifying, and deleting objects are some of the common tasks that the administrator in a typical domain network. The AD object management can be either done through Active Directory Users and Computers or through a number of tools, which allow the administrator to automate the administration.

Windows Server 2016 like the earlier versions includes a number of tools that you, as an administrator, can use to manage the AD object accounts. Depending on the requirements, you can use specific tools. For example, you may need to import a number of users to the Active Directory. While you can do this, but all tools may not be appropriate for importing the existing user accounts.

Some of the key tools that you, as the administrator, can use are:

  • Dsadd allows you to create bulk AD objects using batch files.
  • Comma-Separated Value Directory Exchange (CSVDE): allows you to create new AD objects using a comma-separated value (.csv) file.
  • LDAP Data Interchange Format Data Exchange (LDIFDE): allows you to import information and use it to add, delete, or modify AD objects. Using this tool, you can also modify the Active Directory schema.
  • Windows PowerShell: allows you to create AD objects creation scripts.
Learning Partner
Practice Labs

IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.

Courses