Active Directory Computer Objects Management

A computer object in AD is used to model a real computer in an organizational network environment.

Say for example, I bought a new computer machine -01 in my organization, and want to allow people to access various organizational resources through this computer. All I have to do to achieve this is create a computer object in the Active Directory users and computers console and assign permissions to the computer object representing machine – 01. And depending on the permissions I assign to the computer object the users’ access over resources through this computer might be granted, restricted or denied.

To create a computer object in Active Directory

    • Start -> administrative tools -> Active Directory users and computers console
    • Right click on the console tree
    • From the menu that pops choose the option “new”
    • On choosing the option new another menu pops with a list of objects ,from that choose “computer”
    • An object creation wizard appears as shown in the figure below, enter the name attributes of the computer object , and click next
    • On the second page if you want a user to manage this computer, then choose a user name and click next
  • On clicking finish the object will be created and can be located on the ADUC console tree in its respective container.

Active Directory Computer Objects creation

Computer objects creation Wizard

To delete a computer object in AD

    • Open ADUC
    • Right click on the computer object you intend to delete
    • From the submenu that pops choose the option “delete”
  • The computer object will be deleted from Active Directory and will no more appear on the console tree.

To modify a computer object in AD

    • Open ADUC and right click on the computer object you intend to modify
    • From the shortcut menu that pops choose the option “properties”
    • A computer object properties dialogue box appears with various tabs
    • Navigate through the various tabs and make the necessary changes
    • Click apply and then OK
  • The modifications will hence be made.

The mandatory attributes of computer object are:

  • 1. cn
  • 2. objectCategory
  • 3. objectclass
  • 4. sAMAccountName

cn and sAMAccountName attributes help in the unique identification of the object across the domain.


Comments

comments

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)