donderdag 14 januari 2010 11:47
Kurt Roggen
Active Directory Web Services (ADWS) and Active Directory Management Gateway Service (ADMGS)
Active Directory Web Services (ADWS) is a (new) windows service that enables remote management of any local directory service instance using WS-* (Web Services) protocols and is only present on domain controllers running Windows Server 2008 R2.
In a non-Windows Server 2008 R2 domain controller environment, the Active Directory Management Gateway Service enables administrators to use the Active Directory module for PowerShell and/or the “Active Directory Administrative Center” (ADAC) snapin - built on-top of PS and only available and running on Windows Server 2008 R2 or Windows 7 - to access or manage directory service instances that are running on Windows Server 2008 or Windows Server 2003 operating systems in the list below.
The Active Directory Management Gateway Service provides a web service interface to Active Directory domains and instances of Active Directory Lightweight Directory Services (AD LDS) or Active Directory Application Mode (ADAM) that are running on the same server as the Active Directory Management Gateway Service.
You can download and install the Active Directory Management Gateway Service on servers and domain controllers running the following operating systems:
- Windows Server 2003 R2 with Service Pack 2 (SP2)
- Windows Server 2003 SP2
- Windows Server 2008
- Windows Server 2008 SP2
The ADGMS provides the same ADWS functionality in a non-Windows Server 2008 R2 domain controller environment, hence its name “Management Gateway” service.
Here’s how the architecture looks like.
ADWS manages all directory service instances running on the server, including Domain Controller, Global Catalog and ADLDS instances.
The AD Web Service is implemented using WCF (Windows Communication Foundations) and listens on the registered TCP port 9389.
So in this way, you could start using the PowerShell modules for Active Directory from your Windows 7 workstation to automate some directory operations.
To get a list of available PS modules, use the cmdlet Get-Module.
PS:\> Get-Module –ListAvailable
To use a module, use the cmdlet Import-Module
PS:\> Import-Module ActiveDirectory
To get the cmdlets imported from a module, use the Get-Command cmdlet with the –Module parameter
PS:\> Get-Command –Module ActiveDirectory
To get a better understanding about the Active Directory PowerShell model, have a look below:
NOTE: You can install the Active Directory Management Gateway Service on writable domain controllers as well as read-only domain controllers that are running Windows Server 2008 or Windows Server 2008 SP2.
After it is installed on any of these operating systems, the Active Directory Management Gateway Service runs as the Windows Server 2008 R2 Active Directory Web Services (ADWS) service and provides the same functionality.
For more information about ADWS, see What's New in AD DS: Active Directory Web Services
NOTE: Installing the Active Directory Management Gateway Service on your Windows Server 2008–based or Windows Server 2003–based servers does not make it possible for you to install the Active Directory module or the Active Directory Administrative Center (which is available only on Windows Server 2008 R2 or Windows 7 operating systems) on these servers.
If the Active Directory Management Gateway Service on your Windows Server 2008 or Windows Server 2003 server is stopped or disabled, client applications, such as the Active Directory module or the Active Directory Administrative Center will not be able to access or manage any directory service instances that are running on this server.
Download ADMGS here
For more information:
Filed under: ActiveDirectory, WindowsServer2008R2, Powershell