- New Group Policy settings in Windows 11 23H2 - Mon, Nov 20 2023
- Windows Server 2025 will support SMB over QUIC in all editions - Fri, Nov 17 2023
- Switch between Windows Terminal and the legacy console - Thu, Nov 16 2023
Currently, Windows Admin Center (WAC) only supplements the RSAT; it does not replace them. So far, it is almost impossible to avoid using the two toolboxes side-by-side because the WAC exclusively covers some new features of Windows Server, such as System Insights, while many common tasks are still left to MMC-based tools.
Implementation as extensions
The Windows Server roles that the Admin Center has completely ignored to date include AD Domain Services, DNS and DHCP servers. Since their administration is one of the core tasks of many admins, the modules for these roles were at the top of users' wish lists for WAC.
These wishes are fulfilled by Microsoft's three new modules in Preview 1903. However, they are not an integral part of the WAC yet; they must be installed as extensions. Consequently, the development of the new modules is decoupled from the overall system, which allows Microsoft to publish updates at shorter intervals.
Information about extension updates
To inform users in general about new versions of extensions, the WAC Preview 1903 introduces a notification function. A corresponding message appears when an extension is opened and an update is available.
WAC displaying a notification about an update for an extension
For extensions that originate from hardware manufacturers, it is sufficient if the user in WAC connects to a server offered by the hardware provider. However, the extension must explicitly support notifications.
Adding extensions for AD, DNS, and DHCP
The list of extensions can be displayed using the gear symbol in the top right-hand corner of the menu bar. You can install the previews for Active Directory, DNS, and DHCP individually from there. However, afterwards they only appear in the navigation of Admin Center when you connect to a domain controller, a DHCP, or a DNS server.
The modules for AD, DNS, and DHCP must be installed via the list of extensions
Managing the Active Directory
When called, the AD module provides several information about the domain, such as name, functional level, or the standard containers for users and computers. The actual administration is essentially limited to adding, deleting, and editing user accounts as well as creating groups and managing their members.
When editing user accounts, only some of the attributes are available
Password reset is one of the features that is especially useful for web-based tools. This task can be delegated to employees without having to install any software on their computer.
Password reset in WAC Preview 1903
The AD extension also supports this function. However, WAC's rough role model does not allow users to be limited to this task. Rather, they can use all the AD module features within the scope of their permissions.
Objects in Active Directory can only be accessed via the search function
Unlike Active Directory Users and Computers or the Active Directory Administrative Center, the new WAC extension does not allow you to navigate through the AD's tree structure; instead, all activities start with the integrated search function.
It also allows the entry of substrings and returns all objects (users, computers, groups) that match the pattern. Depending on the type you choose, specific operations are available. The password reset, for example, only works for users.
There is no access to OUs. Therefore, these cannot be displayed, edited, moved, or newly created. Currently, it is also not possible to manage group policies via the WAC.
When adding a server, you can look up its name in the Active Directory
The integration with the AD is also noticeable elsewhere. If you want to add a new computer to the list of managed systems, you can now trigger a search in the AD.
DNS Management
The new extension handles most of the core features needed for this service. Thus, the DNS module can display details of forward and reverse lookup zones, create them, and edit their properties (such as master server or dynamic updates).
Displaying DNS zones and their entries with the new DNS extension from WAC
Moreover, admins can use it to create records of host type (A or AAAA), CNAME, or MX. Existing DNS entries and their properties, such as FQDN, IP address, or TTL, can be edited. The tool also allows you to create PTR type entries under a Reverse Lookup Zone.
To use the DNS extension, the PowerShell DNS module must be installed on the target server. If necessary, this can be done directly from the error message or with:
Install-WindowsFeature -ComputerName <DNS-Server> -Name RSAT-DNS-Server
DHCP Extension
The module for DHCP provides the essential status information for the IPv4 and IPv6 scopes (use of addresses, reservations). Scopes can also be created and configured (IP addresses for the start and end of a range, expiration of leases, exclusion of ranges, reservations).
Editing DHCP scope in the Windows Admin Center
Advanced functions, such as configuring DHCP failover or filtering clients via policies, are not supported. It is also not possible to authorize DHCP servers in Active Directory.
The DNS and DHCP extensions need their respective PowerShell modules on the target system
The DHCP extension also requires the respective PowerShell module (RSAT-DHCP) on the target systems. You can add it following the same pattern used for DNS.
Subscribe to 4sysops newsletter!
Availability
WAC Preview 1903 can be downloaded from the Windows Server Preview website once you are registered as an Insider. As mentioned above, you have to add the extensions for AD, DNS, and DHCP separately.
Read the latest IT news and community updates!
Join our IT community and read articles without ads!
Do you want to write for 4sysops? We are looking for new authors.
Windows Admin Center 1904 GA update is now available.
Any changes for AD, DNS and DHCP?
Things are going so fast…