Windows Server 2012: Installing Active Directory Users and Computers and Group Policy Management Console – 404 Tech Support #active #directory #users #and #computers #windows # #snap #in


You are here: Home / Articles / Operating Systems / Windows Server 2012: Installing Active Directory Users and Computers and Group Policy Management Console

Windows Server 2012: Installing Active Directory Users and Computers and Group Policy Management Console

Managing Active Directory and Group Policy can be a little obscure due to the prerequisite of installing the Remote Server Administration Tools on Windows 7 and 8. In Server 2012, there is no separate install of the RSAT tools, you just have to know where to look. Fortunately, it proves consistent by being part of the Add/Remove Roles and Features part of the Windows Server operating system. I like the role-based installations because it greatly simplifies the install process, provides you a list of Server s native capabilities, and keeps the installation minimal by allowing you to manually choose what you want installed after the fact.

To get the Active Directory Users and Computers, you want to be sure to install just the tools you need, not the entire domain services on your server. That is, unless you wish to make your server a domain controller.

Open up Server Manager by clicking the icon pinned to the Taskbar or right-clicking Computer and going to Manage. In the top-right corner of the window, go up to the Manage menu and click Add Roles and Features .

From here, you will go through a dialog wizard. Follow the on-screen instructions to get to the install on the server you want configured. Choose Role-based or feature-based installation and select your server.

Unless there are other roles you would like installed, skip Server Roles and hit Next to get to the Features.

On the Features page, check Group Policy Management Tools.

The description reads: Group Policy Management is a scriptable Microsoft Management Console (MMC) snap-in, providing a single administrative tool for managing Group Policy across the Enterprise. Group Policy Management is the standard tool for managing Group Policy.

Scroll down a little bit to get to and Remote Server Administration Tools – Role Administration Tools – AD DS and AD LDS Tools and check those boxes, particularly AD DS Snap-Ins and Command-Line Tools.

The description reads: Active Directory Domain Services Snap-Ins and Command-Line tools includes Active Directory Users and Computers, Active Directory Domains and Trusts, Active Directory Sites and Services, and other snap-ins and command-line tools for remotely managing Active Directory domain controllers.

You can also select other tools you want like the Active Directory Administrative Center but to specifically get just Active Directory Users and Computers, check the box in front of AD DS Snap-Ins and Command-Line Tools.

Confirm your selections and let the install do its work.

Once the installation completes, you will see Active Directory Users and Computers and Group Policy Management Console on the Start Screen. You can also find them under the Administrative Tools folder should you want to copy a shortcut to your desktop. Note: using the GPMC from Server 2012 gives you access to New Windows 8 and Server 2012 Group Policies .

Share this:

CSVDE – Examples bulk import user accounts into Active Directory #csvde, #csvde #import, #bulk #import, #ldap, #ldap #field, #active #directory, #spreadsheet, #users

CSVDE Import

Introduction to CSVDE -i Bulk Import

The purpose of this page is to show you how to bulk import user accounts into Active Directory using CSVDE. Here are scenarios where CSVDE will save you repetitive work:

  • To create hundreds of new users in a Windows Server 2003 or 2000 domain.
  • To import thousands of NT 4.0 users into a brand new Active Directory domain.
  • To migrate directory services from Exchange 5.5 into Active Directory.

Topics for CSVDE Import

1) Practice with CSVDE Export. Remember that seven minutes of planning will save you an hour or rework. It may seem eccentric to start with an export when all you want to do is import, but trust me always start with CSVDE export. Here is my reasoning: gain experience of CSVDE switches in conditions where you can do no harm to Active Directory.

When you use CSVDE -i filename to import user accounts, you make changes that will be difficult to reverse. In export mode, you can do no harm to Active Directory, also starting with CSVDE -f filename.csv will help build up your understanding of the switches, or what Microsoft call the parameters.

2) Learn the precise spelling of LDAP fields, for example sAMAccountName is correct, sAMAaccountNames has two mistakes and would cause the import to fail. (This LDAP name is singular, and the double Aa is incorrect.)

3) Create a good .CSV file and learn as much as you can about the LDAP fields in the first row. When you export a user, you get a spreadsheet full of a LDAP attributes, for example, sn, phone, email and many more besides. My advice is to investigate which of the LDAP fields in the first row are compulsory, which are optional, which have strange numeric data, and which you can safely ignore when you switch CSVDE to import mode.

My theme is getting you started. Imagine the scenario: your manager wants 500 users added to his Windows 2003 domain. Fortunately, human resources have all the new joiners in a spreadsheet called Newport.csv. So, let us begin with a simple spreadsheet with only 3 LDAP columns: objectClass, sAMAccountName and DN.

A) objectClass – User. Simple and easy we want to create a user and not a computer and not an OU.

B) sAMAccountName – This is the logon name, maximum of 11 characters. What the user should put in the Ctrl, Alt Delete logon box. Keep this name simple for now. Remember we just want to get the prototype import working and then we can add more LDAP fields.

C) DN – Distinguished name, for example, CN= Firstname Surname,OU=Newport,dc=domain,dc=com

DN is the hardest LDAP field to create. Let us break it down into 3 elements.

1) User name – CN= Firstname Surname. If it were me, the value would be CN=Guy Thomas. In this context think of CN= as meaning common name, or just plain name.

2) Organizational name – OU=Newport. All you have to worry about is have you created an OU called Newport in your domain? If not, then either create one, or change this value to OU=YourOU.

3) Domain name – dc=domain, dc=com. Is your domain called something like or is it plain mydom (no .com. net or It is essential to find out what your domain is called, and only you know the answer.

What would you say the Domain name is for this screen shot? cp,, cp.local? The answer is

So of this were your domain the third DN element would be, dc=cp,dc=com. Incidentally, dc stands for domain context not domain controller.

Guy Recommends: SolarWinds’ Free Bulk Import Tool

Import users from a spreadsheet. Just provide a list of the users with their fields in the top row, and save as .csv file. Then launch this FREE utility and match your fields with AD’s attributes, click and import the users.

Optionally, you can provide the name of the OU where the new accounts will be born. Download your FREE bulk import tool.

1) Copy my example below and paste into an Excel spreadsheet at precisely cell A1.

user,Petergr, CN=Peter Graham,OU=Newport,DC=cp,dc=com
user,Janiebo, CN=Janie Bourne,OU=Newport,DC=cp,dc=com
user,Edgardu, CN=Edgar Dunn,OU=Newport,DC=cp,dc=com
user,Belindaha, CN=Belinda Hart,OU=Newport,DC=cp,dc=com
user,Mayja, CN=May Jamieson,OU=Newport,DC=cp,dc=com
user,Leroyot, CN=Leroy Ota,OU=Newport,DC=cp,dc=com

2) In Excel, select the Data Menu and then Text to Columns. Naturally, choose the comma delimiter. Save the file as .csv for example, Newort.csv

3) Make sure that the 3 LDAP fields are in the first row. (ObjectClass, sAMAccountName, and DN.)

4) Once you have opened the file in Excel, it is easier to manipulate the values. For example, you may wish to find and replace dc=cp, dc=com with the name of your domain as we discussed earlier.

5) When you have finished preparing the spreadsheet to your liking, then Save As and make sure you select Save as t ype CSV (Comma delimiter). Since the next step is the command prompt, save the file into an easily accessible folder. E.g. C:\csv.

After all the hard work in preparing the spreadsheet, we are now ready for the import. Open the CMD prompt, navigate to the folder where you saved your .csv file.

Type this command: CSVDE -i -f Newport.csv

To check your new users, launch Active Directory Users and Computers and examine the Newport Organizational Unit. After each import, right-click the OU and select Refresh from the short cut menu. Simply pressing F5 is not good enough.

Next step – Try an advanced import. More fields, more spreadsheet functions.

Recommended: Solarwinds’ Permissions Analyzer – Free Active Directory Tool

I like the Permissions Analyzer because it enables me to see WHO has permissions to do WHAT at a glance. When you launch this tool it analyzes a users effective NTFS permissions for a specific file or folder, and takes into account network share access, then displays the results in a nifty desktop dashboard!

Think of all the frustration that this free SolarWinds utility saves when you are troubleshooting authorization problems for user’s access to a resource. Give this permissions monitor a try – it’s free!

CSVDE is unable to add passwords.

Your solution is to change the domain policy to allow blank passwords. You can revert to the previous security setting once you successfully import the accounts. Also see this VBScript.

4) The key disadvantage of CSVDE is that you cannot set passwords with this program. So, use a separate VBScript to set the passwords and enable accounts. Sadly once created, you cannot you alter the accounts in anyway with CSVDE. See here for a VBScript to reset passwords.

The point is use the right tool for the right job. For a quick import of hundreds of user accounts, you cannot beat CSVDE. However if you need to alter accounts or add passwords then turn to VBScript. Both CSVDE and VBScript ‘feed’ off spreadsheets, to me, this is their killer advantage over LDIFDE. I find that it is so useful to have all the accounts and their values set out in my Excel spreadsheet.

  • Check that you understand the: DC=domain, DC=COM (LDAP attributes).
  • If your ADSI Edit says: DC=mydom, then change, dc=cp,dc=com to dc=mydom.
  • Check you created an OU called Newport.
  • Check out the Error Messages .
  • Experiment with different syntax. Try a different output filename.
  • Open and close the CMD command prompt.

CSVDE is an ideal program to bulk import users into Active Directory. The executable is built-in to Windows Server 2003 and 2008. The key advantage of CSVDE is the way than it interacts with spreadsheets to import or export LDAP data.

See Also

Laptop Service # #laptop, #notebook, #manual, #guide, #service, #disassembly, #repair, #users, #owner’s, #instruction, #laptop #guide,laptop #manual,laptop #owners #manual,laptop #repair #guide,laptop #user #guide,laptop #user #manual,laptop #users #manual,manual,owner #manual,owners #manual,repair #manual,service #manual,user #manual,users #manual,notebook #manual


Are you looking for a laptop manual? You are in the right place! has the largest collection of laptop service and users manuals. You can download your manual day and night, 24/7.

Laptop, Notebook Service, Repair, Disassembly Manuals

If you want to upgrade or fix your laptop by yourself you need a service manual. The information included in service manuals varies from manufacturer to manufacturer, however all service manuals give at least the basic information about how to disassemble your laptop and replace defective parts. For each download in this category we charge $5.99.

Laptop, Notebook Users, Owners, Instruction Manuals

If you want to learn how to use your laptop more productively download a Users Manual. It also gives general information about your laptop, in most cases it includes software configuration and troubleshooting information, it teaches you how to connect external devices etc. For each download in this category we charge $5.98.

Downloading is easy

Find the document you want and click on Buy Now button.
Pay securely using PayPal
After the successful payment you will be automatically
redirected to the downloading page.

Inside PayPal you can choose one of the following payment options:

If for any reason the File Download doesn’t work send us an e-mail and we’ll provide the link from where you will be able to download easily or we’ll email you the file itself. Most of the original manuals are in PDF format wrapped in ZIP archive, however you might download a manual in HTM, CHM and in some other popular file formats.
If we will not hear from you during 7 days after the payment we will assume that you have successfully downloaded the manual you have paid for and no further assistance will be provided. If you’ll loose your manual after 7 days you have to make a new purchase to download it again.