This content is from a technical documentation assignment I submitted during my Fall 2023 semester at Kennesaw State University. I used Windows Server 2019 in a VM. The domains, logins, users, groups, etc. found within were created to build the documentations and have since been deleted.
1. Introduction
1.1 Background
Windows Server 2019 is a server operating system developed by Microsoft that provides a platform for running enterprise-level applications and services. Windows Server 2019 offers various features, including improved security, enhanced support for containers and virtualization, and better integration with cloud services. It is a successor to Windows Server 2016 and is often used by businesses and organizations to manage and deploy network infrastructure, data storage, and various server-based applications.
Active Directory Users and Computers (ADUC) is a management tool provided by Microsoft for administering and organizing users, groups, and computer objects within a Windows Active Directory environment (Posey, 2023). It allows network administrators to create, modify, and delete user accounts, manage group memberships, and control various aspects of user and computer security settings. ADUC is a crucial component in the administration and organization of network resources, providing a central location to manage user access and permissions, making it easier to maintain a secure and organized network infrastructure.
1.2 Before You Begin
This guide outlines the common Active Directory Users and Computers (ADUC) steps required to add, remove, and modify users as well as the steps needed to reset user passwords and unlock user accounts. Active Directory is a critical component of network management, and these tasks are necessary for maintaining a secure and efficient network environment.
This guide is intended for junior level administrators as it only contains basic tasks. The user of this guide needs to have access to a Windows Server 2019 computer, administrator-level login credentials, and knowledge of locating/opening the Server Manager Dashboard. This guide does not cover creating new membership groups, adding computers to the domain, configuring servers, configuring domain controllers, or other more advanced tasks. All tasks should take no longer than 2 minutes to complete. Consult your Lead Administrator if you do not have the needed requirements or if the task is outside the scope of this guide.
2. Cautions and Warnings
- Caution: Ensure that you have the necessary permissions and are following security best practices when performing these tasks. See your supervisor or Lead System Administrator to ensure you have appropriate permissions to perform the steps in this guide.
- Warning: Verify that Active Directory has been backed up before making any significant changes.
Note: These instructions and included figures were created by me using Windows Server 2019 Standard Edition on a virtual machine. Your production environment may vary.
3. Log into Windows Server and Launch ADUC
- Ensure you have the necessary permissions and an Administrator Login for Windows Server. At the login screen press Ctrl+Alt+Delete (See Figure 1). You will be prompted to enter a password on the following screen (Figure 2).
- Ensure your username is visible (shown in Figure 2 as “\Administrator”)
- Enter your password and press the Enter key or click the arrow next to the password box.
- The Server Manager Dashboard will open automatically.
- Open ADUC (Active Directory Users and Computers) from the “Tools” menu.
Important: Since all tasks are performed within the ADUC window, the instructions above are required prior to performing ALL the following actions.
4. Create/Remove User Accounts
4.1 Create a New User Account
- Open ADUC using the step in in Section 2 and Figure 3.
- See Figure 4 to navigate the ADUC window. Double-click the server (“nmlabs.local” in the figure below) if it is not already opened. Right-click Users, mouse over New, Select User as shown in the figure (Rackspace.com, 2020).
- Fill in the applicable information in the New User window.
- Click “Finish” and the user will be added to Active Directory.
- Verify the new user was created by selecting “Users” in the left pane of the ADUC window.
4.2 Remove a User Account
- Locate User: Find the user you want to remove, right-click the user and select “Delete.”
- Confirm the deletion when prompted.
- Verify the user is no longer listed.
4.3 Reset User Password
- Locate the user whose password you want to reset, right-click the user, and select “Reset Password” (Blackwell, 2023).
- Enter and confirm the new password.
- Click “OK” to confirm the password reset.
5. Modify User Group Membership
- Select “Users” from the left pane in ADUC. Right-click the user and select “Properties.
- Note: Users can be added to or removed from group memberships in the same menu.
- Select the “Member Of” tab to show current groups.
- Select a group to remove and click “Remove” button.
- Confirm group removal by selecting “Yes.”
- Click the “Add” button (without selecting any current groups) to add the user to a new group.
- Type the name of a known group in the text box and click the “Check Names” button.
- If the group exists, its correct name will be displayed. Click the “OK” button.
- If the group is not found, double-check the name and try again. If the name fails again, or if the correct group name is not known, contact a lead administrator for support.
- Verify the group additions and removals were completed by checking the “Member Of” tab in the properties window again. Click “Apply” and “OK” to close the window.
6. Conclusion
6.1 Summary
This guide serves as a fundamental resource for Junior administrators seeking to navigate Active Directory Users and Computers to add, remove, and modify users and their memberships within the Windows Server 2019 environment. By outlining these essential steps, the document empowers administrators with the necessary knowledge to effectively oversee user accounts and basic access rights. With a strong grasp of these foundational procedures, administrators can confidently provide user support and streamline user management processes, thereby contributing to the smooth operation and maintenance of an efficient network infrastructure.
6.2 Contact Information
References
Blackwell, J. (2023, March 24). Reset password via set-adaccountpassword Poweshell Cmdlet. Netwrix Blog | Insights for Cybersecurity and IT Pros. https://blog.netwrix.com/2023/03/24/set-adaccountpassword-powershell-cmdlet/
Posey, B. (2023, February 16). What is active directory users and computers? ITPro Today: IT News, How-Tos, Trends, Case Studies, Career Tips, More. https://www.itprotoday.com/active-directory/what-active-directory-users-and-computers
Rackspace.com. (2020). Create, manage, and delete users and groups in active directory. Rackspace Technology Documentation. https://docs.rackspace.com/docs/create-manage-and-delete-users-and-groups-in-active-directory