Home » Groups » Software and Computing

BNL Active Directory Tools and Notes

Updated on Thu, 2020-04-02 15:39. Originally created by wbetts on 2019-12-19 11:56.

Mike Poat sent the following in a very helpful email on December 4, 2019:

"""
Since NetIQ is gone I wanted to offer some instructions on how we access
Active Directory to Add/Remove Computers to the 'STAR - Computers' OU

1. Initially I was instructed to download the Remote Server
Administration Tools for Windows 10 (RSAT)
https://www.microsoft.com/en-us/download/details.aspx?id=45520 but it is
likely your computer already got this as an update a while back. So skip
for now unless your missing the RSAT tool set (you will know after step 2).

2. Open Settings > Apps > Optional features, Scroll down and if you
don't see "RSAT: Active Directory Domain Services and Lightweight
Directory Services Tools" listed > click 'Add a feature' up top, find it
in the list, and click Install (click back to see install progress). If
the tool is not listed anywhere -> back to Step 1.

3. Open Control Panel > Administrative Tools > Open 'Active Directory
Administrative Center' - NOTE: I have an 'mpoatou' account that has
permissions to Add/Remove computers in AD, my 'mpoat' account does not.
So I have to do SHIFT + RIGHT CLICK > Run as different user > use
'mpoatou' credentials and I am in.

4. Once in the Active Directory Administrative Center you can browse to
- Research Enclave > PO > STAR > STAR - Computers. Once here, on the
right hand side be sure the 'New' button isn't grayed out. Initially it
was for me, I spoke with Will Smart and he sorted out my permissions, I
also asked to him to verify the 'wbetts' account as well so please
double check.
"""

Great... except step 2 didn't work. Even with Windows 10 build 1903, which has the RSAT additional features listed as available, it failed to install.
Found this: https://www.wincert.net/microsoft-windows/windows-10/cannot-install-rsat-tools-on-windows-10-1809-error0x80244022/
which says to set HKLM/Software/Policies/Microsoft/Windows/WindowsUpdate/AU/UseWUServer = 0 and restart the Windows Update Service. The RSAT tools then installed successfully and the registry setting should be reset and Windows Update restarted.

Note that there is a wbettsou account as well - as of 12/19/2019, neither wbetts or wbettsou has adequate permissions for common tasks (such as 'New', 'Delete', edit descriptions etc.)

Groups: