Active Directory Management Tools

Active Directory Management Tools

The most common management tool used to manage Active Directory is the Microsoft Management Console (MMC). This Microsoft console offers interfaces where Active Directory snap-ins can be loaded, which in turn provide specific functionalities for administering the Active Directory service. Using the MMC interface of Active Directory management tools, administrators create custom console tools to manage the domains, AD objects, OUs, group policies, etc.

Of the various MMC snap-ins used to manage the Active Directory, the following Active Directory management tools are used extensively:

• Active Directory Users and Computers snap-in: This console is used create, manage and configure Active Directory objects like Users, Groups, Computers and OUs.
• Active Directory Domains and Trusts: This console is used to manage domains, domain trees, domain trust relationships, domain modes and forests. It is also used to configure user principle name (UPN) suffixes.
• Directory Sites and Services: This tool is used to manage domain controller replication and create, configure and manage AD sites and subnets.
• Directory Schema: This console is used to view and change the AD schema which contains object and attribute definitions. However, this MMC snap-in is not included in the Administrative Tools pack and has to be installed manually to create an MMC for it.
• Set of Policy: This console enables administrators to view the current user policy with respect to a system. This tool also helps in changing group policies.

Active Directory Users and Computers snap-in

Apart from managing user accounts, groups, computer accounts, OUs, etc, the Active Directory Users and Computers snap-in is also used to set, create and view permissions; move, create or delete objects, create domain controller and manage the OU containers.

Active Directory Domains and Trust Console

The administrative tasks which can be performed using the Active Directory Domain and Trust Console are as follows:

• View the console tree of a forest listing all the domains.
• Change the domain mode or domain functional level from mixed mode to native mode or to functional level.
• Configure domains in other Windows Server forests for interoperability and specify trust relationships between the domains.
• Transfer the master role of domain naming operations from one domain controller to another domain controller.
• Add , delete and change the user principal name (UPN) suffixes.

The Active Directory Schema Snap-In

Schema in Active Directory is used to define the objects which are stored in the AD database along with the object attributes. The Active Directory schema snap-in helps in viewing the schema and modifying them.

Active Directory Sites and Service snap-in

The Active Directory sites and service console is used to perform administrative tasks on the sites which are used during the AD replication process. Site management is crucial as well as complicated in an Active Directory service. This console helps administrators to configure connections between AD sites and specify the replication process. Within the containers provided with the installation of this snap-in, administrators are able to create new sites and manage them in the network. The Default-First-Site-Name, the Inter-Site Transports container and the Subnets container can be easily managed with this console.