Difference between revisions of "Installing RSAT"
m (/* add note about RSAT on win10 needing en_us language pack.) |
Mmuehlfeld (talk | contribs) (Rewrote page. More content, better and clearer structure.) |
||
| Line 1: | Line 1: | ||
= Introduction = | = Introduction = | ||
| − | + | To administer Active Directory (AD) from Windows, use the Microsoft Remote Server Administration Tools (RSAT). The tools are available for all platforms, Microsoft actively supports. | |
| − | |||
| − | |||
| Line 11: | Line 9: | ||
= Download = | = Download = | ||
| − | * Windows 10: https://www.microsoft.com/en-us/download/details.aspx?id=45520 | + | * Windows 10: https://www.microsoft.com/en-us/download/details.aspx?id=45520 |
* Windows 8.1: http://www.microsoft.com/en-us/download/details.aspx?id=39296 | * Windows 8.1: http://www.microsoft.com/en-us/download/details.aspx?id=39296 | ||
| Line 20: | Line 18: | ||
* Windows Vista: http://www.microsoft.com/en-us/download/details.aspx?id=21090 | * Windows Vista: http://www.microsoft.com/en-us/download/details.aspx?id=21090 | ||
| + | |||
| + | In Windows Server operating systems, the Microsoft Remote Server Administration Tools (RSAT) are included. | ||
| Line 27: | Line 27: | ||
= Installation = | = Installation = | ||
| − | * Install | + | == Windows 8 and later == |
| + | |||
| + | * Start the downloaded installer and follow the instructions. | ||
| + | |||
| + | All features are installed automatically. | ||
| + | |||
| + | |||
| + | |||
| + | == Windows Vista and 7 == | ||
| + | |||
| + | * Start the downloaded installer and follow the instructions. | ||
| + | |||
| + | * Click "Start", enter "Programs and Features" into the search field and start the application. | ||
| + | |||
| + | * Select the features to install: | ||
| + | : The following are the recommended features to administer a Samba Active Directory installation: | ||
| + | |||
| + | :{| class="wikitable" | ||
| + | !Feature | ||
| + | !Description | ||
| + | |- | ||
| + | |Group Policy Management Tools | ||
| + | |Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor. | ||
| + | |- | ||
| + | |Active Directory Module for Windows PowerShell | ||
| + | |Optional. Enables Active Directory (AD) PowerShell Cmdlets. | ||
| + | |- | ||
| + | |AD DS Tools | ||
| + | |Provides the "Active Directory Users and Computers" (ADUC) and "Active Directory Sites and Services" MMC Snap-in. | ||
| + | |- | ||
| + | |Server for NIS Tools | ||
| + | |Adds the "UNIX Attributes" tab to ADUC objects properties. It enables you to configure [[Idmap_config_ad|RFC2307 attributes]]. | ||
| + | |- | ||
| + | |DNS Server tools | ||
| + | |DNS MMC Snap-in for remote DNS management. | ||
| + | |- | ||
| + | |Remote Desktop Services Tool | ||
| + | |Optional. Adds the "Remote Desktop Services Profile" tab to the ADUC user object's properties and installs the "RDP server administration" MMC Snap-in. Install this feature to configure remote desktop protocol (RDP) settings in ADUC. | ||
| + | |} | ||
| + | |||
| + | * Click "OK" to install the features. | ||
| + | |||
| + | You can find the installed tools in the "Administrative tools" menu in your start menu. Alternatively, add the Snap-ins in the MMC using the "File" / "Add/Remove Snap-in" menu. | ||
| + | |||
| + | |||
| + | |||
| + | == Windows Server == | ||
| + | |||
| + | * Start the "Server Manager". | ||
| + | |||
| + | * On Windows Server 2008 and 2008 R2: | ||
| + | :*Select "Features" in the navigation tree and click "Add Features". | ||
| − | * | + | * On Windows Server 2012 and 2012 R2: |
| + | :* Click "Add roles and features". | ||
| + | :* Select "Role-based or feature-based installation". | ||
| + | :* Select the host on which to install the features. | ||
| + | :* Click "Next" on the "Roles" page. | ||
| − | * | + | * Select the features to install: |
| + | : The following are the recommended features to administer a Samba Active Directory installation: | ||
| − | : | + | :{| class="wikitable" |
| + | !Feature | ||
| + | !Description | ||
| + | |- | ||
| + | |Group Policy Management | ||
| + | |Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor. | ||
| + | |- | ||
| + | |AD DS Snap-Ins and Command-Line Tools | ||
| + | |Optional. Provides the "Active Directory Users and Computers" (ADUC) and "Active Directory Sites and Services" MMC Snap-in. | ||
| + | |- | ||
| + | |Server for NIS Tools | ||
| + | |Adds the "UNIX Attributes" tab to ADUC objects properties. It enables you to configure [[Idmap_config_ad|RFC2307 attributes]]. | ||
| + | |- | ||
| + | |Active Directory Module for Windows PowerShell | ||
| + | |Enables Active Directory (AD) PowerShell Cmdlets. | ||
| + | |- | ||
| + | |DNS Server tools | ||
| + | |DNS MMC Snap-in for remote DNS management. | ||
| + | |} | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | = Enabling the "Advanced Features" = | ||
| + | Many Remote Server Administration Tools (RSAT) provide additional features and options after enabling the "Advanced features" option. To activate: | ||
| + | * Select the root of the navigation tree on the left side. | ||
| − | + | * Open the "View" menu. | |
| − | + | * Select "Advanced Features". | |
:[[Image:ADUC_enabling_Advanced_Features.png]] | :[[Image:ADUC_enabling_Advanced_Features.png]] | ||
| Line 61: | Line 129: | ||
| − | = | + | = Missing "Unix Attributes" tab in ADUC on Windows 10 = |
| − | + | Windows 10 does not support the "Server for NIS Tools" option. Without this feature, the Active Directory User and Computer (ADUC) console does not show the "Unix Attributes" tab on user and group objects. To work around this problem, set the attributes in Active Directory (AD) manually or use a different Windows operating system. | |
| − | + | To manually set the attributes, use the "Attributes" tab on user and group object's properties. Note that this tab is only visible if you have enabled the advanced features in ADUC. For further details, see [[#Enabling_the_.22Advanced_Features.22|Enabling the "Advanced Features"]]. | |
| − | + | The fields from the "Unix Attributes" tab are mapped to the following AD attributes of the object: | |
| − | + | * Users: | |
| − | + | :{| class="wikitable" | |
| − | + | !Field on the "Unix Attributes" tab | |
| − | + | !Active Directory attribute | |
| − | + | |- | |
| − | + | |NIS Domain | |
| − | + | |msSFU30NisDomain | |
| + | |- | ||
| + | |UID | ||
| + | |uidNumber | ||
| + | |- | ||
| + | |Logon Shell | ||
| + | |loginShell | ||
| + | |- | ||
| + | |Home Directory | ||
| + | |unixHomeDirectory | ||
| + | |- | ||
| + | |Primary group name/GID | ||
| + | |primaryGroupID | ||
| + | |} | ||
| − | + | * Groups: | |
| − | |||
| − | * | ||
| − | + | :{| class="wikitable" | |
| + | !Field on the "Unix Attributes" tab | ||
| + | !Active Directory attribute | ||
| + | |- | ||
| + | |NIS Domain | ||
| + | |msSFU30NisDomain | ||
| + | |- | ||
| + | |GID (Group ID) | ||
| + | |gidNumber | ||
| + | |} | ||
| + | Note that setting user IDs (UID) and group IDs (GID) manually, you have to manually track of the last used UID and GID numbers. | ||
| − | |||
| − | + | = Reporting Problems and Incompatibilities = | |
| − | + | To report problems or incompatibilites when using the Microsoft Remote Server Administration Tools (RSAT), see [[Bug_Reporting|Bug Reporting]]. | |
Revision as of 18:10, 26 September 2016
Contents
Introduction
To administer Active Directory (AD) from Windows, use the Microsoft Remote Server Administration Tools (RSAT). The tools are available for all platforms, Microsoft actively supports.
Download
In Windows Server operating systems, the Microsoft Remote Server Administration Tools (RSAT) are included.
Installation
Windows 8 and later
- Start the downloaded installer and follow the instructions.
All features are installed automatically.
Windows Vista and 7
- Start the downloaded installer and follow the instructions.
- Click "Start", enter "Programs and Features" into the search field and start the application.
- Select the features to install:
- The following are the recommended features to administer a Samba Active Directory installation:
Feature Description Group Policy Management Tools Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor. Active Directory Module for Windows PowerShell Optional. Enables Active Directory (AD) PowerShell Cmdlets. AD DS Tools Provides the "Active Directory Users and Computers" (ADUC) and "Active Directory Sites and Services" MMC Snap-in. Server for NIS Tools Adds the "UNIX Attributes" tab to ADUC objects properties. It enables you to configure RFC2307 attributes. DNS Server tools DNS MMC Snap-in for remote DNS management. Remote Desktop Services Tool Optional. Adds the "Remote Desktop Services Profile" tab to the ADUC user object's properties and installs the "RDP server administration" MMC Snap-in. Install this feature to configure remote desktop protocol (RDP) settings in ADUC.
- Click "OK" to install the features.
You can find the installed tools in the "Administrative tools" menu in your start menu. Alternatively, add the Snap-ins in the MMC using the "File" / "Add/Remove Snap-in" menu.
Windows Server
- Start the "Server Manager".
- On Windows Server 2008 and 2008 R2:
- Select "Features" in the navigation tree and click "Add Features".
- On Windows Server 2012 and 2012 R2:
- Click "Add roles and features".
- Select "Role-based or feature-based installation".
- Select the host on which to install the features.
- Click "Next" on the "Roles" page.
- Select the features to install:
- The following are the recommended features to administer a Samba Active Directory installation:
Feature Description Group Policy Management Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor. AD DS Snap-Ins and Command-Line Tools Optional. Provides the "Active Directory Users and Computers" (ADUC) and "Active Directory Sites and Services" MMC Snap-in. Server for NIS Tools Adds the "UNIX Attributes" tab to ADUC objects properties. It enables you to configure RFC2307 attributes. Active Directory Module for Windows PowerShell Enables Active Directory (AD) PowerShell Cmdlets. DNS Server tools DNS MMC Snap-in for remote DNS management.
Enabling the "Advanced Features"
Many Remote Server Administration Tools (RSAT) provide additional features and options after enabling the "Advanced features" option. To activate:
- Select the root of the navigation tree on the left side.
- Open the "View" menu.
- Select "Advanced Features".
Missing "Unix Attributes" tab in ADUC on Windows 10
Windows 10 does not support the "Server for NIS Tools" option. Without this feature, the Active Directory User and Computer (ADUC) console does not show the "Unix Attributes" tab on user and group objects. To work around this problem, set the attributes in Active Directory (AD) manually or use a different Windows operating system.
To manually set the attributes, use the "Attributes" tab on user and group object's properties. Note that this tab is only visible if you have enabled the advanced features in ADUC. For further details, see Enabling the "Advanced Features".
The fields from the "Unix Attributes" tab are mapped to the following AD attributes of the object:
- Users:
Field on the "Unix Attributes" tab Active Directory attribute NIS Domain msSFU30NisDomain UID uidNumber Logon Shell loginShell Home Directory unixHomeDirectory Primary group name/GID primaryGroupID
- Groups:
Field on the "Unix Attributes" tab Active Directory attribute NIS Domain msSFU30NisDomain GID (Group ID) gidNumber
Note that setting user IDs (UID) and group IDs (GID) manually, you have to manually track of the last used UID and GID numbers.
Reporting Problems and Incompatibilities
To report problems or incompatibilites when using the Microsoft Remote Server Administration Tools (RSAT), see Bug Reporting.