2

I'm setting up a Active Directory lab environment on a Windows 8.1 laptop. I now have a Windows Server Core 2012 domain controller running inside a VM. I installed Server Manager for Windows 8.1 and have set things up so I can manage everything from the Win8.1 host machine.

Well, everything except Active Directory Administrative Center (ADAC). When started it produces an error: Your account or computer is not joined to any domain. Join to a domain and try again. All other AD-related management tools work just fine.

Is it impossible to run ADAC outside an AD domain or am I still missing some configuration? I do not want to join the host machine to the lab domain.

rwwilden
  • 369
  • 1
  • 5
  • 13

3 Answers3

2

I am a little late to your party here, but I am a full time consultant who logs into many different domains. In my RSAT tools, I use a line like this:

runas /netonly /user:domain\userid dsac.exe

The domain is the domain of my client, or your lab.

This works great, except it throws an error, unable to connect to the domain. It still opens the console though. Once open, I am able to connect to the domain that I need. If I find the way to connect it to the domain, I will post that here as well. If you don't have it already, here is what I use for most of the other shortcuts, just change the mmc it is opening:

%systemroot%\System32\runas.exe /netonly /user:domain\userid "mmc dsa.msc /domain=other.domain"
squillman
  • 37,883
  • 12
  • 92
  • 146
Craig
  • 21
  • 2
1

Is it impossible to run ADAC outside an AD domain or am I still missing some configuration?

Yes. Most of the built-in tools to manage things relating to your domain require that they are being run as a domain user. That necessitates the machine they are running from be joined to that domain.

That said, there are 3rd party tools that can be used to manage a domain. For example, any LDAP browser can manipulate objects in the directory. You just don't get a lot of the GUI niceties like check boxes and radio buttons for certain properties.

Ryan Bolger
  • 16,755
  • 4
  • 42
  • 64
  • Maybe I should extend my environment with an OS version that actually has a GUI then (or stick with Powershell). Thanks for the answer. – rwwilden Feb 27 '14 at 12:32
  • Yeah. If your DC is going to be the *only* permanent machine in your lab domain, it makes sense to install the full GUI version rather than Core. – Ryan Bolger Feb 27 '14 at 18:32
  • I intend to run multiple machines so I'm a little concerned about footprint (especially memory). I'm assuming Core takes less resources than the GUI version. – rwwilden Feb 27 '14 at 20:12
1

I've been using the following to manage untrusted domains. It worked without any problems until I attempted to run the Administrative Center on a Windows 10 workstation. Windows 7 and 8, no issues.

    runas /netonly /user:domain\userid dsac.exe

In Windows 10, the Admin center just crashes. The error logs point to a .Net error I haven't found a solution to that problem and I can't seem to find any other references that could possibly fix this issue. I believe Microsoft may have changed something in the executable that requires it to have some level of trust for it to work.

Jessie
  • 182
  • 1
  • 13