Active Directory is a distributed multimaster replicated database. All domain controllers host a full replica of the domain information for its own domain. Domain controllers in Windows 2000 and Windows Server 2003 environments hold a read/write copy of the Active Directory database. In these environments, changes can be made to the Active Directory database on any domain controller within the Active Directory environment. Replication is the process that ensures that changes made to a replica on
[ read more ]
Maintaining an Active Directory is a very important administrative task that one must schedule regularly to ensure that, in case of disaster, you can recover your lost or corrupted data and can repair the active directory database.
Extensible Storage Engine (ESE) is the active directory database, which manage all the active directory objects in active directory database. Any of the data modification affects database performance, database fragmentation and data integrity.
Active Directory Datab
[ read more ]
A group can be defined as a collection of accounts that are grouped together so that Administrators can assign permissions and rights to the group as a single entity. This removes the need for an Administrator to individually assign permissions and rights to each account. Therefore, while a user account is associated with an individual or entity, a group account or a group is created to simplify the administration of multiple user accounts (users). When permissions are granted to a group, all ac
[ read more ]
Active Directory security is determined by the following components:
* Security groups: A security group is a made up of a set of users, and is created to assign permissions to access resources, and to assign user rights to group members. Permissions control access to resources, while user rights define what actions users can perform. Security groups are considered security principal accounts because they can contain user accounts. It is the security principal accounts that are used in authen
[ read more ]
Groups are containers that contain user and computer objects within them as members. When security permissions are set for a group in the Access Control List on a resource, all members of that group receive those permissions. Domain Groups enable centralized administration in a domain. All domain groups are created on a domain controller.
In a domain, Active Directory provides support for different types of groups and group scopes. The group type determines the type of task managed with the g
[ read more ]
