|
| 1 | +--- |
| 2 | +title: Instructions for data retrieval from Azure Active Directory Domain Services | Microsoft Docs |
| 3 | +description: Learn how to retrieve data from Azure Active Directory Domain Services (Azure AD DS). |
| 4 | +services: active-directory-ds |
| 5 | +author: justinha |
| 6 | +manager: karenhoran |
| 7 | + |
| 8 | +ms.service: active-directory |
| 9 | +ms.subservice: domain-services |
| 10 | +ms.workload: identity |
| 11 | +ms.topic: conceptual |
| 12 | +ms.date: 04/14/2022 |
| 13 | +ms.author: justinha |
| 14 | +ms.reviewer: manthanm |
| 15 | +--- |
| 16 | + |
| 17 | +# Azure AD DS instructions for data retrieval |
| 18 | + |
| 19 | +This document describes how to retrieve data from Azure Active Directory Domain Services (Azure AD DS). |
| 20 | + |
| 21 | +[!INCLUDE [active-directory-app-provisioning.md](../../includes/gdpr-intro-sentence.md)] |
| 22 | + |
| 23 | +## Use Azure Active Directory to create, read, update, and delete user objects |
| 24 | + |
| 25 | +You can create a user in the Azure AD portal or by using Graph PowerShell or Graph API. You can also read, update, and delete users. The next sections show how to do these operations in the Azure AD portal. |
| 26 | + |
| 27 | +### Create, read, or update a user |
| 28 | + |
| 29 | +You can create a new user using the Azure Active Directory portal. |
| 30 | +To add a new user, follow these steps: |
| 31 | + |
| 32 | +1. Sign in to the [Azure portal](https://portal.azure.com/) in the User Administrator role for the organization. |
| 33 | + |
| 34 | +1. Search for and select *Azure Active Directory* from any page. |
| 35 | + |
| 36 | +1. Select **Users**, and then select **New user**. |
| 37 | + |
| 38 | +  |
| 39 | + |
| 40 | +1. On the **User** page, enter information for this user: |
| 41 | + |
| 42 | + - **Name**. Required. The first and last name of the new user. For example, *Mary Parker*. |
| 43 | + |
| 44 | + - **User name **. Required. The user name of the new user. For example, `[email protected]`. |
| 45 | + |
| 46 | + - **Groups**. Optionally, you can add the user to one or more existing groups. |
| 47 | + |
| 48 | + - **Directory role**: If you require Azure AD administrative permissions for the user, you can add them to an Azure AD role. |
| 49 | + |
| 50 | + - **Job info**: You can add more information about the user here. |
| 51 | + |
| 52 | +1. Copy the autogenerated password provided in the **Password** box. You'll need to give this password to the user to sign in for the first time. |
| 53 | + |
| 54 | +1. Select **Create**. |
| 55 | + |
| 56 | +The user is created and added to your Azure AD organization. |
| 57 | + |
| 58 | +To read or update a user, search for and select the user such as, _Mary Parker_. Change any property and click **Save**. |
| 59 | + |
| 60 | +### Delete a user |
| 61 | + |
| 62 | +To delete a user, follow these steps: |
| 63 | + |
| 64 | +1. Search for and select the user you want to delete from your Azure AD tenant. For example, _Mary Parker_. |
| 65 | + |
| 66 | +1. Select **Delete user**. |
| 67 | + |
| 68 | +  |
| 69 | + |
| 70 | + |
| 71 | +The user is deleted and no longer appears on the **Users - All users** page. The user can be seen on the **Deleted users** page for the next 30 days and can be restored during that time. |
| 72 | + |
| 73 | +When a user is deleted, any licenses consumed by the user are made available for other users. |
| 74 | + |
| 75 | +## Use RSAT tools to connect to an Azure AD DS managed domain and view users |
| 76 | + |
| 77 | +Sign in to an administrative workstation with a user account that's a member of the *AAD DC Administrators* group. The following steps require installation of [Remote Server Administration Tools (RSAT)](tutorial-create-management-vm.md#install-active-directory-administrative-tools). |
| 78 | + |
| 79 | +1. From the **Start** menu, select **Windows Administrative Tools**. The Active Directory Administration Tools are listed. |
| 80 | + |
| 81 | +  |
| 82 | + |
| 83 | +1. Select **Active Directory Administrative Center**. |
| 84 | +1. To explore the managed domain, choose the domain name in the left pane, such as *aaddscontoso*. Two containers named *AADDC Computers* and *AADDC Users* are at the top of the list. |
| 85 | + |
| 86 | +  |
| 87 | + |
| 88 | +1. To see the users and groups that belong to the managed domain, select the **AADDC Users** container. The user accounts and groups from your Azure AD tenant are listed in this container. |
| 89 | + |
| 90 | + In the following example output, a user account named *Contoso Admin* and a group for *AAD DC Administrators* are shown in this container. |
| 91 | + |
| 92 | +  |
| 93 | + |
| 94 | +1. To see the computers that are joined to the managed domain, select the **AADDC Computers** container. An entry for the current virtual machine, such as *myVM*, is listed. Computer accounts for all devices that are joined to the managed domain are stored in this *AADDC Computers* container. |
| 95 | + |
| 96 | +You can also use the *Active Directory Module for Windows PowerShell*, installed as part of the administrative tools, to manage common actions in your managed domain. |
| 97 | + |
| 98 | +## Next steps |
| 99 | +* [Azure AD DS Overview](overview.md) |
0 commit comments