Tip: Remote Active Directory Administration with Windows PowerShell
Follow Our Daily Tips
• facebook.com/TechNetTips
• twitter.com/TechNetTips
• blogs.technet.com/tnmag
• TechNet Tips library
Windows Server 2008 R2 automatically installs the Active Directory Module for Windows PowerShell and Active Directory Administrative Center when you add the Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS) role. When you promote the server to an AD DS domain controller or create an AD LDS instance, the system then installs and activates Active Directory Web Services, which is everything you need to manage Active Directory using Windows PowerShell on that computer.
However, administrators often want to manage Active Directory from another computer at a remote location, and you can do so with the Active Directory Module and ADAC, as long as you are running Windows Server 2008 R2 or Windows 7 on the remote computer.
To manage AD DS or AD LDS resources from a computer running Windows Server 2008 R2 that is not an AD DS domain controller and that does not host an AD LDS instance, you must install the Active Directory Module for Windows PowerShell and (optionally) the ADAC module, using the Add Features Wizard, accessible in Server Manager or the Initial Configuration Tasks window. If you prefer, you can also install the features using Windows PowerShell cmdlets or the Servercmd.exe command-line tool.
Install Remote Server Administration Tools with the Add Features Wizard
The Active Directory Module for Windows PowerShell and the ADAC are part of the Remote Server Administration Tools feature, which you can add as a whole or by selecting individual modules. Both modules require you to install the .NET Framework 3.5.1 feature as well, and to install ADAC, you must also install the Active Directory Module for Windows PowerShell and AD DS Snap-Ins and Command-Line Tools features.
Note that your server must be a member of an AD DS domain with at least one Windows Server 2008 R2 domain controller.
Install Remote Server Administration Tools with Windows PowerShell
You can also install individual parts of the Remote Server Administration Tools feature from the Windows PowerShell prompt, using the capabilities provided in the ServerManager module.
First open a Windows PowerShell session with elevated privileges. You can do this by right-clicking the shortcut and selecting Run As Administrator.
Now use the following command to import the ServerManager module:
Import-Module ServerManager
Once you have done this, you can install individual features by name using the Add- Windowsfeature cmdlet. To display a list of the Command IDs for all of the roles and features available for installation, use this command:
Get-WindowsFeature
You can then use the following command to install the Active Directory Module for Windows PowerShell and ADAC features:
Add-WindowsFeature RSAT-AD-PowerShell,RSAT-AD-AdminCenter
The cmdlet automatically installs all of the dependent elements the two features require.
Install Remote Server Administration Tools with Servercmd.exe
You can use the same Command IDs to install the features from a standard (non-Windows PowerShell) command prompt, although this method has been deprecated in favor of Windows PowerShell. For this method, you once again must open the command prompt session with elevated privileges. Then execute the following two commands individually:
Servercmd.exe -install RSAT-AD-PowerShell
Servercmd.exe -install RSAT-AD-AdminCenter
Install Remote Server Administration Tools on Windows 7
You can manage your Active Directory resources from a Windows 7 workstation also, but first you must download and install the Remote Server Administration Tools for Windows 7. After you install the package, you must open the Programs Control Panel, select Turn Windows Features On Or Off, and select the appropriate check boxes under Remote Server Administration Tools.
Tip adapted from Introducing Windows Server 2008 R2 by Charlie Russel and Craig Zacker.