Difference between revisions of "Installing RSAT"

m (Fixed typos)
(Added example values for user/group attributes to the table to make it help people understand what need to be set in these attributes.)
 
(9 intermediate revisions by the same user not shown)
Line 9: Line 9:
 
= Download =
 
= Download =
  
* Windows 10: https://www.microsoft.com/en-us/download/details.aspx?id=45520
+
* Windows 10 (1809 and later): Installing RSAT is now integrated in these Windows 10 versions.
 +
 
 +
* Windows 10 (1703 - 1803): https://www.microsoft.com/en-us/download/details.aspx?id=45520
  
 
* Windows 8.1: http://www.microsoft.com/en-us/download/details.aspx?id=39296
 
* Windows 8.1: http://www.microsoft.com/en-us/download/details.aspx?id=39296
Line 27: Line 29:
 
= Installation =
 
= Installation =
  
== Windows 8 and later ==
+
== Windows 10 (1809 and later) ==
 +
 
 +
In Window 10 1809 and later, you install RSAT as an optional feature. Note that this requires an active internet connection.
 +
 
 +
To install RSAT:
 +
 
 +
* Click <code>Start</code>, enter <code>Apps & Features</code> into the search field, and start the application.
 +
 
 +
* Click <code>Optional features</code>.
 +
 
 +
* Click <code>Add a feature</code>.
 +
 
 +
* Select a feature and click <code>Install</code>.
 +
 
 +
:{| class="wikitable"
 +
!Feature
 +
!Description
 +
|-
 +
|RSAT: Group Policy Management Tools
 +
|Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor.
 +
|-
 +
|RSAT: Active Directory Domaini Services and Lightweight Directory Services Tools
 +
|Provides the <code>Active Directory Users and Computers</code> (ADUC) and <code>Active Directory Sites and Services</code> MMC Snap-in.
 +
|-
 +
|RSAT: DNS Server Tools
 +
|DNS MMC Snap-in for remote DNS management.
 +
|-
 +
|RSAT: Remote Desktop Services Tool
 +
|Optional. Adds the <code>Remote Desktop Services Profile</code> tab to the ADUC user object's properties and installs the <code>RDP server administration</code> MMC Snap-in. Install this feature to configure remote desktop protocol (RDP) settings in ADUC.
 +
|}
 +
 
 +
 
 +
 
 +
 
 +
== Windows 8 and Windows 10 (1703 - 1803) ==
  
 
* Start the downloaded installer and follow the instructions. All features are installed automatically.
 
* Start the downloaded installer and follow the instructions. All features are installed automatically.
Line 37: Line 73:
 
* Start the downloaded installer and follow the instructions.
 
* Start the downloaded installer and follow the instructions.
  
* Click <code>Start</code>, enter <code>Programs and Features</code> into the search field and start the application.
+
* Click <code>Start</code>, enter <code>Programs and Features</code> into the search field, and start the application.
  
 
* Select the features to install:
 
* Select the features to install:
Line 111: Line 147:
  
  
= Enabling the "Advanced Features" =
+
= Enabling the <code>Advanced Features</code> Mode =
  
 
Many Remote Server Administration Tools (RSAT) provide additional features and options after enabling the <code>Advanced Features</code> option. To activate:
 
Many Remote Server Administration Tools (RSAT) provide additional features and options after enabling the <code>Advanced Features</code> option. To activate:
Line 121: Line 157:
 
* Select <code>Advanced Features</code>.
 
* Select <code>Advanced Features</code>.
  
:[[Image:ADUC_enabling_Advanced_Features.png]]
+
:[[Image:ADUC_Enabling_Advanced_Features.png]]
  
  
Line 127: Line 163:
  
  
= Missing "Unix Attributes" tab in ADUC on Windows 10 and Windows Server 2016 =
+
= Missing <code>Unix Attributes</code> tab in ADUC on Windows 10 and Windows Server 2016 =
  
 
Windows 10 and Windows Server 2016 do not support the <code>Server for NIS Tools</code> option. Without this feature, the Active Directory User and Computer (ADUC) console does not show the <code>Unix Attributes</code> tab on user and group objects. To work around this problem, set the attributes in Active Directory (AD) manually or use a different Windows operating system.
 
Windows 10 and Windows Server 2016 do not support the <code>Server for NIS Tools</code> option. Without this feature, the Active Directory User and Computer (ADUC) console does not show the <code>Unix Attributes</code> tab on user and group objects. To work around this problem, set the attributes in Active Directory (AD) manually or use a different Windows operating system.
  
To manually set the attributes, use the <code>Attributes</code> tab on user and group object's properties. Note that this tab is only visible if you have enabled the advanced features in ADUC. For further details, see [[#Enabling_the_.22Advanced_Features.22|Enabling the "Advanced Features"]].
+
To manually set the attributes, use the <code>Attributes</code> tab on user and group object's properties. Note that this tab is only visible if you enabled the advanced features in ADUC. For further details, see [[#Enabling_the_Advanced_Features_Mode|Enabling the "Advanced Features" Mode]].
  
 
The fields from the <code>Unix Attributes</code> tab are mapped to the following AD attributes of the object:
 
The fields from the <code>Unix Attributes</code> tab are mapped to the following AD attributes of the object:
Line 140: Line 176:
 
!Field on the "Unix Attributes" tab
 
!Field on the "Unix Attributes" tab
 
!Active Directory attribute
 
!Active Directory attribute
 +
!Example value
 
|-
 
|-
 
|NIS Domain
 
|NIS Domain
 
|msSFU30NisDomain
 
|msSFU30NisDomain
 +
|samdom
 
|-
 
|-
 
|UID
 
|UID
 
|uidNumber
 
|uidNumber
 +
|10000
 
|-
 
|-
 
|Logon Shell
 
|Logon Shell
 
|loginShell
 
|loginShell
 +
|/bin/bash
 
|-
 
|-
 
|Home Directory
 
|Home Directory
 
|unixHomeDirectory
 
|unixHomeDirectory
 +
|/home/user_name
 
|-
 
|-
 
|Primary group name/GID
 
|Primary group name/GID
 
|primaryGroupID
 
|primaryGroupID
 +
|10000
 
|}
 
|}
 +
:Adapt the example values to match your environment.
  
 
* Groups:
 
* Groups:
Line 162: Line 205:
 
!Field on the "Unix Attributes" tab
 
!Field on the "Unix Attributes" tab
 
!Active Directory attribute
 
!Active Directory attribute
 +
!Example value
 
|-
 
|-
 
|NIS Domain
 
|NIS Domain
 
|msSFU30NisDomain
 
|msSFU30NisDomain
 +
|samdom
 
|-
 
|-
 
|GID (Group ID)
 
|GID (Group ID)
 
|gidNumber
 
|gidNumber
 +
|10000
 
|}
 
|}
 +
:Adapt the example values to match your environment.
 +
 +
{{Imbox
 +
| type = note
 +
| text = If you set user IDs (UID) and group IDs (GID) manually, you must also track the last used UID and GID numbers manually.
 +
}}
  
Note that setting user IDs (UID) and group IDs (GID) manually, you have to manually track of the last used UID and GID numbers.
 
  
  
Line 179: Line 230:
  
 
To report problems or incompatibilities when using the Microsoft Remote Server Administration Tools (RSAT), see [[Bug_Reporting|Bug Reporting]].
 
To report problems or incompatibilities when using the Microsoft Remote Server Administration Tools (RSAT), see [[Bug_Reporting|Bug Reporting]].
 +
 +
 +
 +
 +
 +
----
 +
[[Category:Active Directory]]
 +
[[Category:User Management]]
 +
[[Category:Group Policy Management]]
 +
[[Category:DNS]]

Latest revision as of 02:42, 25 September 2019

Introduction

To administer Active Directory (AD) from Windows, use the Microsoft Remote Server Administration Tools (RSAT). The tools are available for all platforms, Microsoft actively supports.



Download

  • Windows 10 (1809 and later): Installing RSAT is now integrated in these Windows 10 versions.

In Windows Server operating systems, the Microsoft Remote Server Administration Tools (RSAT) are included.



Installation

Windows 10 (1809 and later)

In Window 10 1809 and later, you install RSAT as an optional feature. Note that this requires an active internet connection.

To install RSAT:

  • Click Start, enter Apps & Features into the search field, and start the application.
  • Click Optional features.
  • Click Add a feature.
  • Select a feature and click Install.
Feature Description
RSAT: Group Policy Management Tools Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor.
RSAT: Active Directory Domaini Services and Lightweight Directory Services Tools Provides the Active Directory Users and Computers (ADUC) and Active Directory Sites and Services MMC Snap-in.
RSAT: DNS Server Tools DNS MMC Snap-in for remote DNS management.
RSAT: Remote Desktop Services Tool Optional. Adds the Remote Desktop Services Profile tab to the ADUC user object's properties and installs the RDP server administration MMC Snap-in. Install this feature to configure remote desktop protocol (RDP) settings in ADUC.



Windows 8 and Windows 10 (1703 - 1803)

  • Start the downloaded installer and follow the instructions. All features are installed automatically.


Windows Vista and 7

  • Start the downloaded installer and follow the instructions.
  • Click Start, enter Programs and Features into the search field, and start the application.
  • Select the features to install:
The following are the recommended features to administer a Samba Active Directory installation:
Feature Description
Group Policy Management Tools Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor.
Active Directory Module for Windows PowerShell Optional. Enables Active Directory (AD) PowerShell cmdlets.
AD DS Tools Provides the Active Directory Users and Computers (ADUC) and Active Directory Sites and Services MMC Snap-in.
Server for NIS Tools Adds the UNIX Attributes tab to ADUC objects properties. It enables you to configure RFC2307 attributes.
DNS Server tools DNS MMC Snap-in for remote DNS management.
Remote Desktop Services Tool Optional. Adds the Remote Desktop Services Profile tab to the ADUC user object's properties and installs the RDP server administration MMC Snap-in. Install this feature to configure remote desktop protocol (RDP) settings in ADUC.
  • Click OK to install the features.

You can find the installed tools in the Administrative tools menu in your start menu. Alternatively, add the Snap-ins in the MMC using the File / Add/Remove Snap-in menu.


Windows Server

  • Start the Server Manager.
  • On Windows Server 2012, 2012 R2, and 2016:
  • Click Add roles and features.
  • Select Role-based or feature-based installation.
  • Select the host on which to install the features.
  • Click Next on the Roles page.
  • On Windows Server 2008 and 2008 R2:
  • Select Features in the navigation tree and click Add Features.
  • Select the features to install:
The following are the recommended features to administer a Samba Active Directory installation:
Feature Description
Group Policy Management Provides the Group Policy MMC Snap-ins: Management Tool, Management Editor and Starter GPO Editor.
AD DS Snap-Ins and Command-Line Tools Optional. Provides the Active Directory Users and Computers (ADUC) and Active Directory Sites and Services MMC Snap-in.
Server for NIS Tools Adds the UNIX Attributes tab to ADUC objects properties. It enables you to configure RFC2307 attributes.
This feature is not supported in Windows Server 2016. For details, see Missing "Unix Attributes" tab in ADUC on Windows 10 and Windows Server 2016.
Active Directory Module for Windows PowerShell Enables Active Directory (AD) PowerShell cmdlets.
DNS Server tools DNS MMC Snap-in for remote DNS management.



Enabling the Advanced Features Mode

Many Remote Server Administration Tools (RSAT) provide additional features and options after enabling the Advanced Features option. To activate:

  • Select the root of the navigation tree on the left side.
  • Open the View menu.
  • Select Advanced Features.
ADUC Enabling Advanced Features.png



Missing Unix Attributes tab in ADUC on Windows 10 and Windows Server 2016

Windows 10 and Windows Server 2016 do not support the Server for NIS Tools option. Without this feature, the Active Directory User and Computer (ADUC) console does not show the Unix Attributes tab on user and group objects. To work around this problem, set the attributes in Active Directory (AD) manually or use a different Windows operating system.

To manually set the attributes, use the Attributes tab on user and group object's properties. Note that this tab is only visible if you enabled the advanced features in ADUC. For further details, see Enabling the "Advanced Features" Mode.

The fields from the Unix Attributes tab are mapped to the following AD attributes of the object:

  • Users:
Field on the "Unix Attributes" tab Active Directory attribute Example value
NIS Domain msSFU30NisDomain samdom
UID uidNumber 10000
Logon Shell loginShell /bin/bash
Home Directory unixHomeDirectory /home/user_name
Primary group name/GID primaryGroupID 10000
Adapt the example values to match your environment.
  • Groups:
Field on the "Unix Attributes" tab Active Directory attribute Example value
NIS Domain msSFU30NisDomain samdom
GID (Group ID) gidNumber 10000
Adapt the example values to match your environment.




Reporting Problems and Incompatibilities

To report problems or incompatibilities when using the Microsoft Remote Server Administration Tools (RSAT), see Bug Reporting.