Group Policy gives users administrative control over people and computers in the user’s network. By using Group Policy, users can define the state of someone’s work environment once, then rely on Windows Server 2003 to continually force the Group Policy settings applied across an entire organization or to specific groups of people and computers. Group …
Recipient Objects Overview Active Directory objects such as user accounts, contacts and groups become recipient objects when e-mail address information is added to the object. The public folder is another type of recipient object. A public folder does not however usually have its own an email address. Exchange Server 2003 supports the following types of …
When Active Directory was launched in Windows 2000, one of its key design features was to ease the process of deploying software within an organization. To this end, Microsoft included the ability to deploy and distribute software with Group Policy. IntelliMirror technologies include Group Policy software installation to simplify the management necessary for large quantities …
Folder Redirection is a Group Policy feature that enables users to redirect the system folders containing the profile of a user on the network, through the use of the Folder Redirection node in the Group Policy Object Editor console. This basically makes folder redirection a user configuration option. Through the use of the Folder Redirection …
What Resources can be published in Active Directory When you make Active Directory objects available to users, you are publishing the Active Directory resource. The resources that can be published in Active Directory include the Active Directory resources listed below: User objects Computer objects Printer objects Folders and files Network services The two primary published …
A domain is a collection of computers and resources that share a common security database, in this case, the Active Directory database. Computers in the domain also have a common namespace. A namespace is the hierarchical grouping of service and object names that are stored in Active Directory and DNS. Active Directory and DNS namespaces …
Groups are containers that contain user and computer objects within them as members. When security permissions are set for a group in the Access Control List on a resource, all members of that group receive those permissions. Domain Groups enable centralized administration in a domain. All domain groups are created on a domain controller. In …
Active Directory is a distributed multimaster replicated database. All domain controllers host a full replica of the domain information for its own domain. Domain controllers in Windows 2000 and Windows Server 2003 environments hold a read/write copy of the Active Directory database. In these environments, changes can be made to the Active Directory database on …
The initial Windows NT versions were designed as single master network environments. The primary domain controller (PDC) was responsible for managing the domain database’s master copy. The PDC was therefore responsible for replicating any changes to the backup domain controllers (BDCs). In these environments, any changes had to be performed on the PDC, which then …
Understanding Active Directory Security Principal Accounts Active Directory consists of a considerable number of objects, and variety of objects, of which, security principal accounts are one. Security principal accounts are Active Directory objects that are assigned unique security identifiers (SIDs), and are therefore used in authentication and Active Directory security. A security principal account can …