This article explains how to extend Active Directory Users and Computers (ADUC) to start the Windows Admin Center from the computer object context menu.

The Windows Admin Center is Microsoft's new web-based management interface for Windows computers. It exposes information about server core components like CPU, RAM, and disks, plus it gives access to the registry, files, services, software, and more. You can install Admin Center locally on the admin workstation or as a gateway on a server.

ADUC showing the extended computer object context menu

ADUC showing the extended computer object context menu

Adding the Admin Center context menu to ADUC consists of three parts. First is modifying the Active Directory object where customizing the context menu takes place. Second is a new subfolder in Netlogon to ensure the script is available in all locations. Last is the VBScript, which receives the selected computer and opens the default browser with the Windows Admin Center URL.

Active Directory modification ^

The Admin-Context-Menu attribute in Active Directory allows placing custom entries in the context menus of computers, users, groups, and other objects in ADUC. It is in the Configuration partition of Active Directory and requires Enterprise Admin permissions to modify it.

Open ADSIEDIT.MSC as an Enterprise Admin, navigate to Configuration > CN=Configuration, CN=DisplaySpecifiers > CN=409 > CN=computer-Display, and choose Properties:

ADSIEDIT exposing the computer display properties

ADSIEDIT exposing the computer display properties

Assuming your Active Directory is called nwtraders.msft, add the following text as an additional value:

2, Open in Windows Admin Center, \\nwtraders.msft\netlogon\ADUCExtensions\AD_OpenInAdminCenter.vbs

Specify the order, name, and location of the new entry in ADUC's computer object context menu

Specify the order, name, and location of the new entry in ADUC's computer object context menu

Note: If 2 is already taken by something else, use the next free number.

The ADUCExtensions folder in Netlogon ^

Create a folder in \\nwtraders.msft\netlogon named ADUCExtensions. Ensure that authenticated users can read it, but only elected administrators can modify it.

The VBScript to launch Admin Center ^

The script receives the selected computer as an argument. It first retrieves the OS from Active Directory and verifies that it is at least Windows Server 2008. If the script succeeds, the default browser will start the Windows Admin Center.

Amend the Windows Admin Center URL in the script and store it in the previously created folder.

If the Windows Admin Center is installed locally, use localhost. If it is running as a gateway, place the name of it in there.

' **********************************************************************
' VBScript: AD_OpenInAdminCenter.vbs
' Author: Ruben
' Date:   2018-11-25
' Version: 1
' Description:
' This script calls the Admin Center and passes in the computername.
' Attention:
' This VB script comes with ABSOLUTELY NO WARRANTY; for details
' see gnu-gpl. This is free software, and you are welcome
' to redistribute it under certain conditions; see gnu-gpl for details.
' **********************************************************************

' -----------------------</ Script Configuration \>---------------------
' Configure the URL of the Admin Center below.
	strServerManagerBaseUrl = "https://oursrvadmingateway:443"
' -----------------------<\ Script Configuration />---------------------

'* Authenticating against Active Directory with Kerberos
Const ADS_FAST_BIND   = 32
Dim objDSE, objConn, objRS, objdso, objADSUser, objWShell, objComputerInAD
Dim arrUserAccountData, strDefaultNamingContext, strLine, strADSUser, strErrorMsg, strcomputerName
'* Retrieving the selected computername
Set wshArguments      = WScript.Arguments
Set objComputerInAD = GetObject(wshArguments(0))
strComputerName = Replace(objComputerInAD.sAMAccountName,"$","")
Set objWShell = CreateObject("WScript.Shell")

'* Binding to Active Directory using ADO (+Kerberos) to get the distinct name of the user object
Set objdso  = GetObject("LDAP:")
Set objDSE  = GetObject("LDAP://rootDSE")
Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADSDSOObject"
objConn.Open "Active Directory Provider"
strDefaultNamingContext = "<LDAP://" & objDSE.Get("defaultNamingContext") & ">"

'* Querying the computer's OS information in Active Directory. An unsupported OS version will end the script gracefully.
Function GetOSInfoFromAD(strComputerName)
	strErrorMsg = "No information available."
	Set objRS = objConn.Execute _
	   (strDefaultNamingContext &";(name="&strComputerName&");" _
	  & "sAMAccountName,operatingSystem,operatingSystemVersion,ADsPath;SubTree")
	If objRS.RecordCount < 1 Then
		MsgBox "Error: No ADS - Computer found: " &strComputerName
		strADOSVersion = ""
		If Not IsNull(objRS.Fields.Item("operatingSystemVersion").Value) Then
			strADOSVersion = objRS.Fields.Item("operatingSystemVersion").Value
		End If			
		If Not IsNull(objRS.Fields.Item("operatingSystem").Value) Then
			strADOSName = objRS.Fields.Item("operatingSystem").Value
		End If						
		If strADOSVersion = "" Then
			WScript.Echo "Not a Windows Computer. Exiting."
		End If
		arrOS = Split(strADOSVersion, " ")
		strOSVersion = arrOS(0)
		If (strOSVersion = "6.1" Or strOSVersion = "6.2" Or strOSVersion = "6.3" Or strOSVersion = "10.0") Then
			strFoo = "bar"			
			MsgBox strComputerName & "Sorry, " & strADOSName & " / " & strADOSVersion & " is not support In Windows Admin Center"
		End If				
	End If
	Set objRS = Nothing
End Function

'* Starting the default browser with the Admin Center URL that contains the selected computer
Function OpenServerManager(strServerManagerBaseUrl, strComputerName)	
	strFullUrl = strServerManagerBaseUrl & "/servermanager/connections/server/" &strComputerName & "/tools/overview"
	Call objWShell.Run("""" & strFullUrl & """",0,False)	
End Function

'* Executing both functions
Call GetOSInfoFromAD(strComputerName)
Call OpenServerManager(strServerManagerBaseUrl, strComputerName)

Last, but not least ^

Besides computer objects in ADUC, we can also extend user and group context menus the same way. Questions and comments are welcome as usual. Please use the feedback form below.


Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account