Active Directory Computer Objects Management
A computer object in AD is used to model a real computer in an organizational network environment.
Say for example, I bought a new computer machine -01 in my organization, and want to allow people to access various organizational resources through this computer. All I have to do to achieve this is create a computer object in the Active Directory users and computers console and assign permissions to the computer object representing machine – 01. And depending on the permissions I assign to the computer object the users’ access over resources through this computer might be granted, restricted or denied.
To create a computer object in Active Directory
- Start -> administrative tools -> Active Directory users and computers console
- Right click on the console tree
- From the menu that pops choose the option “new”
- On choosing the option new another menu pops with a list of objects ,from that choose “computer”
- An object creation wizard appears as shown in the figure below, enter the name attributes of the computer object , and click next
- On the second page if you want a user to manage this computer, then choose a user name and click next
- On clicking finish the object will be created and can be located on the ADUC console tree in its respective container.
Computer objects creation Wizard
To delete a computer object in AD
- Open ADUC
- Right click on the computer object you intend to delete
- From the submenu that pops choose the option “delete”
- The computer object will be deleted from Active Directory and will no more appear on the console tree.
To modify a computer object in AD
- Open ADUC and right click on the computer object you intend to modify
- From the shortcut menu that pops choose the option “properties”
- A computer object properties dialogue box appears with various tabs
- Navigate through the various tabs and make the necessary changes
- Click apply and then OK
- The modifications will hence be made.
The mandatory attributes of computer object are:
- 1. cn
- 2. objectCategory
- 3. objectclass
- 4. sAMAccountName
cn and sAMAccountName attributes help in the unique identification of the object across the domain.
Related Articles
Active Directory Group Objects Management
As the self-explanatory name suggests, this object is meant to represent a group. In AD, a group is an object which can contain a collection of users, or computers, or contacts, or even other groups as members .It simplifies administrative burden. ...Active Directory Objects List
Objects are the fulcrum of Active Directory. The ease of an organization’s resource management comes from the fact that objects give AD a modular structure. Introduction The individual components of an organization’s network are called objects in ...Active Directory Computer
Real-world entities like Active Directory computers are fundamentally represented as objects. This video walks through Active Directory computer objects and will also give you a brief insight of its common and important attributes. Active Directory Objects
Real-world entities such as users, computers are represented as objects in Active Directory. Objects are the fulcrum for the very existence of Active Directory. One important aspect with respect to object characteristics is that some of the objects ...Active Directory Computer Objects Tabs
The general tab Some properties are assigned to a computer automatically once it’s joined to a domain, such as DNS name, Computer name, and Role etc. Even the administrator himself cannot change these properties. In the description box you can add a ...