Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis announces strategic partnership with Microsoft to acclerate the secure adoption of Copilot.

Learn more

How to Install and Import Active Directory PowerShell Module

5 min read
Last updated January 10, 2022

Are you tired of managing Active Directory using the graphical interface? Then you might be interested in the Active Directory PowerShell module! This module gives you the ability to manage Active Directory using commands in PowerShell. Harnessing the module opens up the possibilities of automating management tasks like user creation and removal.

Get the free PowerShell and Active Directory Video Course

In this post, you will learn more about the Active Directory PowerShell module, installing the module on different Windows operating systems, and importing the module into a PowerShell console. To follow along with this tutorial, you will need:

  • A computer with Windows 10 Professional or Enterprise
  • A computer with Windows Server 2008 or higher (this tutorial uses Windows Server 2019 Enterprise)
  • Windows PowerShell 5.1

What is the PowerShell Active Directory Module?

The Active Directory PowerShell module consolidates a group of cmdlets used to administer on-premises Active Directory. You use these cmdlets for domain management and managing users, groups, and objects.

Need to manage Azure Active Directory or Office 365? Check out Jeff Brown's article How to Connect to Office 365 PowerShell (Azure AD Modules)!

While you can manage your environment using graphical interfaces (like Active Directory Users and Computers), PowerShell provides the ability to make changes at scale. You issue PowerShell commands that can iterate through a user list to modify an attribute much faster than the graphical interface.

The Active Directory PowerShell module is automatically installed on domain controllers in your environment. However, if you want to manage your Active Directory environment remotely, you need to install the module on your system. The following sections outline multiple ways to install the modules based on your operating system.

How to Install Active Directory PowerShell Module

Installing the PowerShell module is not standardized across Microsoft's multiple Windows operating systems. Review the sections below and find the method that fits your scenario!

Installation on Windows 10

The procedure for installing the Active Directory PowerShell module depends on the Windows 10 version. To determine your version of Windows 10:

  1. Click the Start button and search for "settings." Select Settings from the search results.
    start_settings
  2. In the Settings application, select System.
    settings_main
  3. In the Systems section, select About. On the right, look for the Windows specifications section and note the current Version.
    settings_about_version

To see a complete list of Windows 10 versions and release dates, check out this article from Microsoft:

Microsoft Docs | Windows 10 - Release Information

Installing on Windows 10 Prior to Version 1809

Before Windows 10 version 1809, Microsoft made the Active Directory PowerShell module available through the Remote Server Administration Tools for Windows 10. This software install includes the module as well as several other remote management features.

  1. On the Windows 10 system, open a Web browser and navigate to this address to download the RSAT Tools for Windows 10:https://www.microsoft.com/en-us/download/details.aspx?id=45520
  2. Select your language, then click Download. On the file list page, select the x86 for 32-bit systems or x64 for 64-bit systems of the WS_1803 installer. Click Next.
    win10_rsat_dl_file_select
  3. Save the installer to a location on your system that you can locate again. Once finished, navigate to that location and open the installer.
  4. The installer verifies that the update applies to your system, then prompts if you want to install the update. Click Yes.
  5. On the update window, review the license terms, then click I Accept. Monitor the installation, and upon successful installation, click Restart Now.
  6. Once the system has restarted, click the Start button and search for "control panel." Select the Control Panel app from the search results.
    win10_start_controlpanel
  7. In the Control Panel, click Programs, then Programs and Features. Depending on your view settings, Programs and Features may already be displayed.
  8. In Programs and Features, select Turn Windows features on or off.
  9. In the Windows Features window, navigate to Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools.
  10. If the Active Directory Module for Windows PowerShell does not have a checkmark next to its name, select the option, and click OK.
    win10_add_win_feature

Installation for Windows 10 version 1809 and later

In October 2018, Microsoft released Windows 10 version 1809, which changed how you install the Active Directory PowerShell Module. The RSAT Tools for Windows 10 are now part of the operating system and are an optional installation feature. There are two installation methods available for these later versions.

Method 1: Install via Settings App

To install the RSAT Tools using the Settings app:

  1. Click the Start button and search for "settings." Select Settings from the search results.
    start_settings
  2. In the Settings application, click Apps.
    settings_main
  3. In the Apps window, click Optional features.
    optional_features
  4. Select + Add a feature, then type "Active Directory" in the search bar. Select RSAT: Active Directory Domain Services and Lightweight Directory Services from the results, then click Install.
    install_adds

Method 2: Install via PowerShell

A second option is to enable the same feature from Method 1 using PowerShell.

  1. Click the Start button and search for "powershell." Select Windows PowerShell from the search results.
    start_powershell (1)
  2. In the PowerShell console, use the Add-WindowsCapability cmdlet to install the Active Directory RSAT tools. Specify the -Name (Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0) and the -Online parameter to use Windows Update to install the feature.
    1. Add-WindowsCapability -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0 -Online
    Add-WindowsCapability -Name Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0 -Online
    win10_ps_install

Installing on Windows Server (Multiple Versions)

While Windows 10 has different installation procedures based on version, Windows Server has maintained the same installation method across multiple versions. While this tutorial focuses on Windows Server 2019, these methods should be valid for other versions such as:

  • Windows Server 2008 and 2008 R2
  • Windows Server 2012 and 2012 R2
  • Windows Server 2016

Method 1: Install via Add Roles and Features

  1. Click on Start and click Server Manager from the Start menu.
    server_start_servermanager
  2. In Server Manager, click Manage in the upper right corner, then click Add Roles and Features.
    server_manage_addrolesfeatures
  3. In the Add Roles and Features Wizard, click Next if the Before you begin window is displayed. If not, proceed to the next step.
  4. For the installation type, select the Role-based or feature-based installation option, then click Next.
  5. For the server selection, select the Select a server from the server pool option, then select the server name from the server pool. Click Next.
  6. On the Server Roles page, no changes need to be made. Click Next.
  7. On the Features page, expand Remote Server Administration Tools > Role Administration Tools > AD DS and AD LDS Tools, then select Active Directory module for Windows Powershell. Once selected, click Next.
    server_select_feature_adds
  8. On the Confirmation page, click Install. Once the install completes successfully, click Close.

Method 2: Install via PowerShell

  1. Click the Start button and search for "powershell." Select Windows PowerShell from the search results.
    start_powershell (1)
  2. In the PowerShell console, use the Install-WindowsFeature cmdlet to install the Active Directory PowerShell module. Specify the feature -Name (RSAT-AD-PowerShell) and add the -IncludeAllSubFeature parameter to add any child features.
  1. Install-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature
Install-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature
server_ps_install

 

How to Import Active Directory PowerShell Module

While there are many installation methods, there is only one way to import the module! The following steps are valid for both Windows 10 and all server versions. To import the Active Directory PowerShell module:

  1. Click the Start button and search for "powershell." Select Windows PowerShell from the search results.
    start_powershell
  2. To verify the module is available, run the Get-Module command specifying the -Name (ActiveDirectory) and the -ListAvailable parameter to search all modules installed on the system. If a result is returned like in the screenshot below, you are good to go!
    1. Get-Module -Name ActiveDirectory -ListAvailable
    Get-Module -Name ActiveDirectory -ListAvailable
    ps_get_module
  3. Import the module using the Import-Module cmdlet, again specifying the module's name (ActiveDirectory) using the -Name parameter.
    1. Import-Module -Name ActiveDirectory
    Import-Module -Name ActiveDirectory

Success! You have installed and imported the Active Directory PowerShell module!

PowerShell Active Directory Module FAQs

What is Active Directory Module for PowerShell?

The Active Directory PowerShell module is a set of cmdlets used for managing Active Directory domains and objects. You can install the module on Windows operating systems like Windows 10 and Windows Server.

How do I import the Active Directory PowerShell module?

Use the Import-Module cmdlet with the -Name ActiveDirectory parameter and value.

How do I install the Active Directory PowerShell module on Windows Server?

In a PowerShell console, run the command Install-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature.

Closing

The Active Directory PowerShell module is a powerful tool for administrators. In this article, you learned how to install the module on non-domain controller systems for remote management. Next, explore all the commands in the module to see what tasks you can automate!

Want to learn more about PowerShell scripting for Active Directory? Check out Michael Buckbee's article How to Get Started with PowerShell and Active Directory Scripting!

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Try Varonis free.
Get a detailed data risk report based on your company’s data.
Deploys in minutes.
Keep reading
how-to-install-and-import-active-directory-powershell-module
How to Install and Import Active Directory PowerShell Module
The Active Directory PowerShell module is a powerful tool for managing Active Directory. Learn how to install and import the module in this detailed tutorial!
threat-update-49-–-serioussam-&-black-hat-2021
Threat Update 49 – SeriousSAM & Black Hat 2021
Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager (SAM) file containing hashed account passwords from a system.
threat-update-45-–-ransomware-early-warning:-ad-attacks
Threat Update 45 – Ransomware Early Warning: AD Attacks
Attackers leverage a number of techniques, but two of the most common are password spray attacks and kerberoasting. Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss how and why attackers leverage each technique and look at a real-life example of each type of attack from one of our attack lab scenarios.
threat-update-44-–-ransomware-early-warning:-dns-recon
Threat Update 44 – Ransomware Early Warning: DNS Recon
Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss what DNS is, how it works, and how attackers can “live off the land” to map out an organization’s network using a few command-line tools built into every OS.