active directory ds

Installing Active Directory Users and Computers MMC Snap-in on Windows 10

One of the main Active Directory domain management tools is the MMC snap-in Active Directory Users and Computers (ADUC). The ADUC snap-in is used to perform typical domain administration tasks and manage users, groups, computers, and organizational units in the Active Directory domain. By default, the Active Directory Users and Computers (dsa.msc) console is installed on the server when it is promoted to the domain controller during the Active Directory Domain Services (AD DS) role is installed.

To use ADUC snap-in in Windows 10, you need first to install the Microsoft Remote Server Administration Tools (RSAT). The RSAT includes various command line tools, PowerShell modules and snap-ins to remote manage Windows Servers, Active Directory and other Windows roles and features, which are running on Windows servers.

How to install Active Directory Users and Computers in Windows 10?

By default, RSAT is not installed in Windows 10 (and other Windows desktop operating systems). Remote Server Administration Tools (RSAT) allows IT administrators to remotely manage roles and components on Windows Server 2016, 2012 R2, 2012, 2008 R2 from user’s workstations running Windows 10, 8.1, 8 and Windows 7. The RSAT resembles Windows Server 2003 Administration Tools Pack (adminpak.msi) that was installed on clients running Windows 2000 or Windows XP and was used for remote server management. RSAT can’t be installed on computers with the Home editions of Windows. To install RSAT, you must have Professional or Enterprise edition of Windows 10.

You can download the latest version of Remote Server Administration Tools for Windows 10 (Version: 1803 1.0, Date Published: 5/2/2018) using following link:

rsat windows 10

Tip. As you can see, the RSAT package is available for the latest version of Windows 10 1803. WindowsTH-RSAT_WS_1709 and WindowsTH-RSAT_WS_1803 are used to manage Windows Server 2016 1709 and 1803 respectively. If you are using a previous version of Windows Server 2016 or Windows Server 2012 R2 / 2012/2008 R2, you need to use the WindowsTH-RSAT_WS2016 package.

Select Language of your Windows 10 version and click on Download button. Depending on the bitness of your OS, select desired *.msu file:

  • For Windows 10 x86 – download WindowsTH-RSAT_WS2016-x86.msu (69.5 MB);
  • For Windows 10 x64 – download WindowsTH-RSAT_WS2016-x64.msu (92.3 MB);

windows rsat

Install the downloaded file (Update for Windows KB2693643) by double-click on it.

active directory tools windows 10

Or you can install RSAT from Command prompt in silent mode:

wusa.exe c:\Install\WindowsTH-RSAT_WS2016-x64.msu /quiet /norestart

After RSAT installation is completed, you need to restart your computer.

How to Enable AD DS Tools in Windows 10?

It remains to activate the necessary RSAT function. To do this:

  1. Right click on Start button and select Control Panel
  2. Select Programs and Features
  3. In the left pane press on Turn Windows features on or off
  4. Expand node Remote Server Administration Tools-> Role Administration Tools -> AD DS and AD LDS Tools
  5. Check item AD DS Tools and press OK.
    active directory users and computers

However, you can install AD feature from the Command prompt just with this three commands:

dism /online /enable-feature /featurename:RSATClient-Roles-AD
dism /online /enable-feature /featurename:RSATClient-Roles-AD-DS
dism /online /enable-feature /featurename:RSATClient-Roles-AD-DS-SnapIns

active directory snap in windows 10

How to Run dsa.msc (Active Directory Users and Computers) Snap-in?

After AD Management snap-ins installed, go to the Control Panel and select section Administrative Tools. As you can see, new link to the console %SystemRoot%\system32\dsa.msc (Active Directory Users and Computers) appeared.

aduc on windows 10

Now you can run the ADUC snap-in and connect to any available domain controller AD. If your computer is joined to the Active Directory domain, then the nearest domain controller will be selected automatically, based on your Logon server.

Also to start the ADUC console you can press the Win+R combination, type dsa.msc and then click on OK.

dsa msc windows 10

DSA.msc: Connecting to DC From Non-domain Computer

If you want connect to AD using dsa.msc snapin from non-domain computer, you must:

  1. Open Command prompt and run command:
    runas /netonly /user:Domain_Name\Domain_USER mmc
  2. In the empty MMC Console select File->Add/Remove Snap-In.
  3. Add Active Directory Users and Computers Snap-In to the right pane and press OK.
    how to install active directory on Windows 10
  4. Connect to domain by right click on ADUC -> Connect to domain and enter domain name.
    aduc windows 10

 As a result, in the ADUC snap-in appears the structure of your OU Active Directory domain.

ADDS active directory snap in

You will see a standard set AD folders and containers:

  • Saved Queries — Saved search criteria, allowing you to quickly replay the previous search in Active Directory;
  • Builtin — built-in user accounts;
  • Computers — the default container for computer accounts;
  • Domain Controllers — the default container for domain controllers;
  • ForeignSecurityPrincipals — contains information about objects from trusted external domains. Typically, these objects are created when an object from an external domain is added to the group of the current domain;
  • Users — the default container for user accounts.

Depending on the domain structure, the ADUC console may contain other containers. Some AD folders are not displayed by default. To display them, select View > Advanced Features in the top menu.

aduc snap in on windows 10

The following additional folders should appear:

  • LostAndFound — directory objects that lost the owner;
  • NTDS Quotas — data about the quoting of the directory service;
  • Program Data — data stored in the directory service for Microsoft applications;
  • System the built-in system parameters.

You can add organizational units to the AD tree yourself.

Dsa.msc: Missing Tabs in Windows 10

Users sometimes complain that some tabs are missing in the ADUC snap in on Windows 10.

aduc rds windows 10

  • At first check if Advanced Features is selected in the AD view;
  • Check if you are using the latest version of Windows 10;
  • Before installing RSAT, make sure you have removed the old versions of RSAT and the RSAT editions for other languages. At the same time, only one version of Remote Server Administration can be installed on the computer;
  • Currently RSAT for Windows 10 is only available in English (United States) language. If you have a localized version of Windows 10 installed, make sure you have installed the English (United States) language pack before installing RSAT. Move English (United States) to the top of the list of preferred languages;
  • In some cases, manual copying of the tsuserex.dll and tsuserex.dll.mui libraries from Windows Server 2012 R2 to the Windows 10 computers to the C:\Windows\System32 directory helps. Do not forget to register the library with the command:
    regsvr32 c:\Windows\System32\tsuserex.dll

You may also like:

Configuring GPO Proxy Settings for Internet Explor... The article shows how to configure GPO proxy settings for Internet Explorer 11 browser using Active Directory Group Policies. In earlier versions of I...
AD Account Keeps Locking Out Sometimes there are situations when AD account keeps locking out, this happen when you try to log on to a domain computer and getting an error on the ...
How to transfer FSMO Roles From a Failed Domain Co... In case domain controller, which owns FSMO (Flexible Single Master Operation) roles, is fail (virus attack, fatal software problems or catastrophic ha...
Change Default OU permissions in Active Directory By default, each newly created organizational unit (OU) in the access list includes read permission for the group Authenticated Users (built-in group)...
FSMO Role: Infrastructure Master We continue the series of articles about FSMO roles in the Active Directory domain. This time, we will take a closer look at the FSMO role — Infrastru...
  1. Posted by Marco Antonio Barato
  2. Posted by 777-200ER

Add Your Comment