This article has the steps to use the Active Directory Users and Computers (ADUC) tool to view a managed organizational unit (OU) in Central Services or Hokies Active Directory.

An organizational unit (OU) is a container in Active Directory (AD) for storing objects such as accounts, groups, and other OUs. Organizing accounts into OUs allows for easier administration and makes it possible to delegate administrative tasks including Google Workspace storage allotments. Hokies OU admins are assigned users within the Hokies AD that are authorized to administer their OU.

One important idea to keep in mind when using OUs: They are not security principles. This means that they cannot be used to secure resources.

1. Click Start.
2. Type: admin.
3. As you type, results will appear and change. Click Windows Administrative Tools or Administrative Tools.

   

4. Double-click Active Directory Users and Computers.

   

5. Right click on the domain cntrlsrvs.w2k.vt.edu in the left pane.
6. Click Change Domain....

   

7. In the Domain: text box, type: cntrlsrvs.w2k.vt.edu.
   
8. Optionally, place a check in the Save this domain setting for the current console check box.
9. Click OK.

   

10. Navigate to your OU.
    
    1. In the left pane, double-click cntrlsrvs.w2k.vt.edu.

       

    2. Double-click Central.
    3. Click the name of your OU. You can now administer the OU.

Top of page

How do I create computer accounts in a Central Services OU?

You must be the administrator of your OU in Central Services to perform these actions. These instructions pertain to computer accounts in a Central Services OU.

1. Pre-create the computer account.
   
   1. On the OU administrator's computer, start the Active Directory Users and Computers administrative tool.
      (For instructions on installing the tool, see Installing the Active Directory Users and Computers Tool.)
   2. In the left pane, browse to and click your OU to highlight it.
      Example: cntrlsrvs.w2k.vt.edu, Central, ABC (where ABC is replaced with the name of your OU).
   3. In the menu bar, click Action.
   4. Click New.
   5. Click Computer.

      

   6. In the Computer name: text box, type the name of the computer to be added to the OU.
   7. Click OK.

      

   8. Wait 15 minutes for the computer account to replicate to all domain controllers.
2. Add the computer to your Central Services OU.
   
   1. Log on to the computer you want to join to the OU using a local administrator account.
   2. Set the computer's DNS addresses to the appropriate addresses.
      
      1. Click Start.
      2. Type: network connections.
      3. As you type, results will appear and change. Click View network connections.

         

      4. Right-click the appropriate connection.
      5. Click Properties.

         

      6. Double-click Internet Protocol Version 4 (TCP/IPv4).

         

      7. Click Use the following DNS server addresses:
      8. In the Preferred DNS server: text box, type: 198.82.162.237.
      9. In the Alternate DNS server: text box, type: 198.82.174.15.
      10. Click OK.

          

      11. Click OK.
      12. Close the Network Connections window.
   3. Change the computer's domain membership to cntrlsrvs.w2k.vt.edu.
      
      1. View the system properties.
         
         1. Click Start.
         2. Type: system.
            
         3. As you type, results will appear and change. Click System.

            

         4. On the right side of the window, click Change settings.

            

      2. Change the workgroup and domain membership.
         
         1. Click the Computer Name tab.
         2. Click Change....

            

         3. Under Member of, click Domain:.
         4. In the Domain: text box, type: cntrlsrvs.w2k.vt.edu.
            
         5. Click OK.

            

      3. In the Windows Security window that prompts for permission to join the domain:
         
         1. In the User name text box, type: hokies\ABC.
            (Replace ABC with your own Hokies ID.)
         2. In the Password text box, type your Hokies passphrase.
         3. Click OK.
      4. When you see the Welcome to the cntrlsrvs.w2k.vt.edu domain message, click OK.
      5. **Important: If you see "The following error occurred attempting to join the domain 'cntrlsrvs.w2k.vt.edu': Access is denied", verify that you used the MMC to pre-create the computer account as directed above.**
      6. Click OK.
      7. When you see a message saying you have to restart your computer, close all windows, and restart your computer.
   4. The added computer can now be logged on to with a VT username and passphrase.

 Top of page

How do I use ADUC to administer a Central Services managed OU on a computer not in the Central Services AD?

1. Ensure that ADUC is installed. See Installing the Active Directory Users and Computers (ADUC) Tool for details.
2. In the command below, replace {username} with your Hokies account username.
   
   • Command: runas /user:hokies\{username} /netonly "mmc.exe dsa.msc"
   • The "netonly" switch specifies that the credentials you provide are only used for remote access (a user profile should not be created/used on local system).
3. You may receive an error message about "Naming information cannot be located". This is expected, and is safe to ignore. Click OK if you received this error message. (The "Active Directory Users and Computers" window will appear anyway, afterwards.) 
4. In the resulting "Active Directory Users and Computers" window, RIGHT-CLICK Active Directory Users and Computers (the top-most item of the left panel's navigational hierarchy listing) and click Change Domain....
5. In the Domain text box, type
   
   • EITHER - "w2k.vt.edu" (to connect to the Hokies domain)
   • OR- "cntrlsrvs.w2k.vt.edu" (to connect to Central Services domain) 
6. Then click OK.
7. In the left panel, under Active Directory Users and Computers should now appear a triangle pointing to the name of the domain you specified. Click that triangle to expand the OU structure of the domain. 
8. Finally, to find your managed OU: 
   
   • NOTE: in the wording below, "{ou}" represents your managed OU. 
   • EITHER- for Hokies OUs: You should be able to click the triangle and browse to "w2k.vt.edu/vt/{ou}" to view and administer your Hokies managed OU. 
   • OR- for Central Services OUs: You should be able to click the triangle and browse to "cntrlsrvs.w2k.vt.edu/Central/{ou}" to view and administer your Central Services managed OU.  

Top of page