Active Directory (AD) is a database and a suite of services that connect users with the network resources needed to complete their tasks.
The directory, or database, contains essential information about the environment, including details about users and computers, as well as their permissions. For example, the database might list 100 user accounts, including each person’s job title, phone number, and password, along with their permissions.
The services manage much of the activity within the IT environment. They ensure that each user is authenticated, typically by verifying their user ID and password, and authorized, granting access only to the data and resources they are permitted to use.
Here are the steps for user and group management, maintenance and optimization of Active Directory on Kamatera.
Install Active Directory Domain Services
To set up Active Directory, you first need to install Active Directory Domain Services on your Windows Server. After the installation, the server can be promoted to a Domain Controller. Follow these steps:
From the dashboard:
Click on Add Roles and Features. A new screen will open.
At Select Installation Type, select Role-based or feature-based installation. Click Next.
Select a server from the server pool. In Server Pool, make sure that your local computer is selected. Click Next.
Select the Active Directory Domain Services checkbox under Roles. Click Next.
Next, you’ll be prompted to add the required features. Click Add Features to proceed. Click Next.
Make sure you read the information on the Active Directory Domain Services dialog. Click Next.
In the Confirmation dialog, click Install to install the selected roles, role services, and features on your server.
The installation process will start. Once it’s finished, click Close to exit the wizard.
Promote Your Server to Domain Controller
When the installation is complete, click Notifications in Server Manager.
Click the link titled Promote this server to a domain controller.
Once the Active Directory Domain Services Configuration Wizard dialog opens, select Add a new forest and enter the Root domain name (e.g., ADtestsample.com).
In the Domain Controller Options dialog, leave Forest functional level and Domain functional level at their default values.
Provide a secure password for Directory Services Restore Mode (DSRM). The example here uses kamatera@2024; choose your own value.
Ignore the warning given on the DNS Options dialog. Click Next.
Select Next.
Verify your server’s NetBIOS domain name (ADTESTSAMPLE) and select Next.
Select Next.
Specify the locations for the following:
AD DS Database folder
Log Files folder
SYSVOL folder
Unless you have a specific enterprise use case, it’s advisable to leave everything as default.
Review your selections carefully, and once satisfied, click Next to proceed.
The installation wizard will perform validation of prerequisites before proceeding with the installation of AD DS. Once all the checks are passed successfully, select Install to initiate the installation process.
The installation process will commence.
Once the installation is complete, click Close to finish the wizard. The system will restart.
Your Active Directory Services have now been installed successfully. Your machine will be rebooted automatically to apply the changes.
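The same installation and promotion can be scripted in PowerShell. This is an added example, not part of the original guide; it uses the domain and NetBIOS names from the steps above, leaves the database, log, and SYSVOL locations at their defaults, and prompts for the DSRM password so that it is never stored in the script.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run in an elevated PowerShell session on the Windows Server.

# Add Roles and Features: install the AD DS role with its management tools.
$feature = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
if (-not $feature.Success) { throw 'AD DS role installation failed.' }

# Prompt for the DSRM password instead of hard-coding it in the script.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

Import-Module ADDSDeployment

# Values taken from the walkthrough; paths and functional levels
# are omitted so the cmdlets use the same defaults as the wizard.
$forest = @{
    DomainName                    = 'ADtestsample.com'
    DomainNetbiosName             = 'ADTESTSAMPLE'
    SafeModeAdministratorPassword = $dsrm
}

# Run the prerequisite validation that the wizard performs before Install.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message
if ($check | Where-Object { "$($_.Status)" -eq 'Error' }) {
    throw 'Prerequisite check failed; review the messages above.'
}

# Promote the server to the first domain controller of the new forest.
# -Force suppresses the confirmation prompts; the server reboots when done.
Install-ADDSForest @forest -Force
```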
How to create, manage, and delete users and groups in Active Directory
Create a new user in Active Directory.
Type Server Manager in the search bar. The Server Manager dashboard is displayed. Go to Tools and select Active Directory Users and Computers.
Click on your Domain name in the left-hand menu (e.g., ADtestsample.com).
Depending on whether you are using organizational units or not, find the appropriate object in which to place the user. By default, you can use the Users object if you do not want to create an organizational unit.
After selecting the object, right-click it, select New from the menu, and then select User.
A new window opens. Enter the First name, Last name, and User logon name. Click Next.
Enter the Password and click Next.
Review the summary once and click Finish.
Now, click on Users. You can see the new user was created.
Deleting or removing a user from Active Directory
Type Server manager in the search bar. The Server Manager dashboard is displayed. Go to Tools and select Active Directory Users and Computers.
Right click on your Domain name and select Find.
Ensure that you select Users, Contacts, and Groups from the Find drop-down menu. Type the name of the user you want to delete.
Now there are two options: delete the user or disable the user.
To delete the user, right-click the user and select Delete. In the confirmation window, click Yes to delete the user or No to cancel.
To disable the user, right-click the user and select Disable. In the confirmation window, click Yes to disable the user or No to cancel.
Note: Once the user is deleted, you cannot get the user back.
Create a new group within Active Directory
Type Server manager in the search bar. The Server Manager dashboard is displayed. Go to Tools and select Active Directory Users and Computers.
Click on your Domain name in the left-hand menu.
Depending on whether you are using organizational units or not, find the appropriate object in which to place the group. By default, Microsoft's built-in default groups are under the Users organizational unit.
Right-click the object you want to use, select New, and then select Group.
A new window is displayed. Enter the Group name. By default, Global under Group Scope and Security under Group Type are already selected. Do not change the group type to Distribution. Click OK.
Now, a new group is created under Users.
Add or remove users to or from a group
Type Server manager in the search bar. The Server Manager dashboard is displayed. Go to Tools and select Active Directory Users and Computers.
Click on your Domain name in the left-hand menu.
Depending on whether you are using organizational units or not, locate the appropriate object. By default, Microsoft's built-in default groups are under the Users organizational unit.
Add user to a group from the Group:
Right-click your Domain and select Find.
Ensure that you select Users, Contacts, and Groups from the Find drop-down menu. Enter the name of the group and click Find Now.
Right-click the group and select Properties.
Click the Members tab.
To add a user, click Add. Type the username into Enter the object names to select. Click Check Names, then click OK.
To remove a user, select the user, click Remove, and then click OK.
Add user to the group from the User:
Right-click your Domain and select Find.
Ensure that you select Users, Contacts, and Groups from the Find drop-down menu. Enter the name of the group and click Find Now.
Right-click the group and select Properties.
Click the Members tab.
To add a user to the group, click Add. Type the group name into Enter the object names to select. Click Check Names, then click OK.
To remove the user from a group, click the group, click Remove, and then click OK.
Delete a Group within Active Directory
Type Server manager in the search bar. The Server Manager dashboard is displayed. Go to Tools and select Active Directory Users and Computers.
Click on your Domain name in the left-hand menu, then right-click your Domain and select Find.
Ensure that you select Users, Contacts, and Groups from the Find drop-down menu. Type the name of the group you want to delete.
Right click on the group and select Delete.
In the confirmation window, click Yes if you are sure, or No to cancel.
Now go to Users and check whether your group is deleted. (For example, the scribe group is first created and then deleted.)
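The user and group tasks above can also be carried out with the ActiveDirectory PowerShell module. This is an added example, not part of the original guide; the user Jane Doe (jdoe) is a constructed sample account, the scribe group and the ADtestsample.com domain come from the walkthrough, and the default Users container is assumed.

```powershell
# Added example: user and group lifecycle from the sections above.
# Run on the domain controller (or a host with the AD management tools installed).
Import-Module ActiveDirectory

# Default Users container of the walkthrough's domain (assumed location).
$usersContainer = 'CN=Users,DC=ADtestsample,DC=com'

# Create a user. The initial password is prompted for, not stored in the
# script, and the user must change it at first logon.
$initial = Read-Host -AsSecureString -Prompt 'Initial password for jdoe'
New-ADUser -Name 'Jane Doe' -GivenName 'Jane' -Surname 'Doe' `
    -SamAccountName 'jdoe' -UserPrincipalName 'jdoe@ADtestsample.com' `
    -Path $usersContainer -AccountPassword $initial `
    -ChangePasswordAtLogon $true -Enabled $true

# Create a group with the defaults shown in the dialog: Global scope, Security type.
New-ADGroup -Name 'scribe' -GroupScope Global -GroupCategory Security `
    -Path $usersContainer

# Add the user to the group, then list the members to verify the change.
Add-ADGroupMember -Identity 'scribe' -Members 'jdoe'
Get-ADGroupMember -Identity 'scribe' |
    Select-Object Name, SamAccountName, objectClass

# Remove the user from the group (asks for confirmation, like the Yes/No dialog).
Remove-ADGroupMember -Identity 'scribe' -Members 'jdoe'

# Disable the account: it stays in the directory but can no longer log on.
Disable-ADAccount -Identity 'jdoe'
Get-ADUser -Identity 'jdoe' | Select-Object SamAccountName, Enabled

# Delete the user and the group (each asks for confirmation).
Remove-ADUser -Identity 'jdoe'
Remove-ADGroup -Identity 'scribe'
```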
You have now learned some of the ways to manage your Active Directory on Kamatera, including how to create, manage, and delete users and groups.