Getting Started with Active Directory as a Service (ADaaS)
ADDS (Active Directory Domain Services) is a Microsoft technology that allows easy, centralized user and computer authentication and management, operating system configuration, and permissions management.
Managed Microsoft Active Directory (ADaaS) is a Liquid Web MES (Managed Engineered Service) offering where we fully support and assist in managing a dedicated ADDS implementation for customer use. This product is primarily designed to be a backing service for other Liquid Web MES that depend on the health and availability of ADDS for cross-server communication and authentication. Using products like Microsoft Distributed File System (DFS), Managed Exchange, or Managed Data Protection Manager (DPM) requires an Active Directory structure, and our ADaaS is the simplest and most cost-effective tool for accessing these systems.
Active Directory is also required if you want to have more than two simultaneous Remote Desktop Users accessing your server via Terminal Server Licensing.
Now that you know the advantages of using ADaaS, we can get into the details of what you need to know to make effective use of this product for your Windows Server.
Users and Groups
ADaaS, like any Active Directory system, requires specific users and groups to effectively manage your server. Liquid Web will handle the initial setup of all users and groups. Customers can then manage the users directly to update passwords or unlock accounts as needed.
Setting up your ADaaS users
As stated earlier, initial user creation will need to be performed by Liquid Web technicians. In order to create a user, Liquid Web requires the following information:
- First Name
- Last Name
- Username
- Password (This is optional as we can generate passwords for you and share them back with you using a one-time secret. Any password used must meet complexity requirements).
- What group(s) should the user be assigned to
The best way to share this information with Liquid Web is through a Secure Note (also called a One Time Secret). For help with creating a secure note, see Using One-Time Secret for Password Protection.
Management Groups
Like all Windows servers, ADaaS assigns permissions through the use of groups. Each ADaaS account is configured to use four default user groups for managing your account.
- Customer Servers – RDP: This group adds users to the Remote Desktop Users group, making them standard Remote Desktop users.
- Customer Servers – Manage: This group makes the users local Administrators. This gives them full access.
- Customer Users – Reset PW: This group gives the user permission to reset other users' passwords. For more information about resetting passwords, see Resetting Passwords in ADAAS.
- Customer Users – Unlock: This group gives the user permission to unlock other users' accounts.
Scoping IP Addresses
For security and stability, we recommend “scoping” access to your servers to trusted IP addresses. For more information on scoping IP addresses, see Scoping Ports in Windows Firewall. If your server configuration utilizes a hardware firewall, our team can help modify firewall rules to allow access to your servers.
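As an added example (not taken from the linked Liquid Web article), the PowerShell script below lists enabled inbound allow rules in Windows Firewall that name the RDP port explicitly and still accept any remote address, and scopes them to a trusted list only when run with -Apply. The addresses are constructed placeholders from documentation ranges and the parameter names are assumptions. Make sure the address you are connecting from is in the list before applying.

```powershell
# Added example: audit, then optionally scope, inbound RDP rules in Windows Firewall.
# Run from an elevated PowerShell prompt on the server.
param(
    # Constructed placeholder addresses; replace with your own trusted IPs or ranges.
    [string[]]$TrustedAddresses = @('203.0.113.10', '198.51.100.0/24'),
    [int]$Port = 3389,      # default RDP port; change it if RDP listens elsewhere
    [switch]$Apply          # without this switch the script only reports
)

# Only enabled inbound allow rules can expose the port.
$rules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow

$findings = foreach ($rule in $rules) {
    $portFilter = $rule | Get-NetFirewallPortFilter
    # Keep TCP rules that list the port explicitly. Rules that use a port
    # range or 'Any' are not matched here and should be reviewed by hand.
    if ($portFilter.Protocol -ne 'TCP') { continue }
    if ($portFilter.LocalPort -notcontains "$Port") { continue }

    $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    [pscustomobject]@{
        Name          = $rule.Name
        DisplayName   = $rule.DisplayName
        Profile       = $rule.Profile
        RemoteAddress = $remote -join ', '
        OpenToAny     = ($remote -contains 'Any')
    }
}

# Report every matching rule and whether it is still open to all addresses.
$findings | Format-Table DisplayName, Profile, RemoteAddress, OpenToAny -AutoSize

if ($Apply) {
    foreach ($finding in ($findings | Where-Object OpenToAny)) {
        # Restrict the rule to the trusted list; every other source is then
        # handled by the firewall's default inbound action.
        Set-NetFirewallRule -Name $finding.Name -RemoteAddress $TrustedAddresses
        Write-Output "Scoped '$($finding.DisplayName)' to: $($TrustedAddresses -join ', ')"
    }
}
```

Run it once without -Apply to review the report, then again with -Apply after confirming the trusted list.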