a screenshot of a computer screen with the active directory button highlighted

Why the Active Directory Users and Computers tool sucks

As an IT support worker it’s hard to go a day without using Active Directory Users and Computers (ADUC).

And yet even as a key tool to managing an Active Directory environment it has massive usability issues.

“Advanced Features” option

In the ‘view’ menu you’ll find a “Advanced Features” option – which is not enabled by default.

Once enabled a number of important options are available, for example when viewing a user you’ll see additional tabs – Published Certificates, Object, Security, COM+.

Why on earth is this even an option – who actually uses ADUC without this enabled!

Search box clears after switching filter

When you change the search filter from the default ‘Users, Contact, and Groups’ the search box changes, clearing the search term entered – sounds easy to remember right? Wrong ! Most still find themselves searching for a computer, then switching the the “Computer” filter and loosing the search term!

Missing “Additional Account Info” tab

For those that haven’t worked long enough in IT to remember – there used to be a non-standard addon (acctinfo.dll) that gave you an “additional account info” tab – with this you were able to easily check key information like:

  • password last set date/time
  • password expires date/time
  • password replication across domain controllers
  • locked state
  • last logged in date/time
  • last bad password date/time

This stopped working after Server 2008.

Tagged in


3 comments on “Why the Active Directory Users and Computers tool sucks

  1. Actually the built-in Active Directory Administrative Center is what You should use when using Server 2012 or newer based AD.
    ADUC is missing sevaral options for newer servers (AD functional levels).
    Also – there is (somewhere in Internet) version 2 of Additional Accont information which works with all recent Windows OS versions.

  2. ADUC sucks because it’s no good neither for the IT staff, nor for anybody you might want to delegate it to. There are however third party solutions like Adaxes that do the job.

Leave a Comment

Your email address will not be published. Required fields are marked *