When a change is made to a domain, the change is replicated across all of the domain controllers in the domain. Some changes, such as those made to the schema, are replicated across all of the domains in the forest. This replication is called multimaster replication. But few changes are practically not possible to perform with multimaster replication, so a domain controller known as Operations Master takes such type of changes to perform. Five Operations Master Roles are given to one or more domain controllers in each forest. Operations Master Read More
Active Directory Organizational Units
An object is a set of attributes that represents a network resource, say a user, a computer, a group policy, etc and object attributes are characteristics of that object stored in the directory. For example, some of the attributes of a user object might include the user's first name, last name, department, and e-mail address in addition to others. Organizational units act as a container for objects. Objects can be arranged according to security and administrative requirement in an organization. You can easily manage and locate objects after arranging them Read More
Global Catalog
The global catalog is a distributed data repository that is stored in global catalog servers and issued via multimaster replication. It basically is composed of a representation (partial) of every object in the multidomain Active Directory forest that can also be searched. The global catalog is used because searches can be made faster because they don't need to go through the hassle of involving referrals to different domain controllers. In addition, the global catalog allows finding an object that you wish without needing to know the object's domain name. This Read More
Replication Topology in Active Directory
Replication Topology is the route by which replication data travels throughout a network. Replication occurs between two domain controllers at a time. Over time, replication synchronizes information in Active Directory for an entire forest of domain controllers. To create a replication topology active directory must determine which domain controller's replicate data with other domain controllers. The Knowledge Consistency Checker (KCC) is a built-in process that runs on each domain controller and regenerates the replication topology for all directory partitions that are contained on that domain controller. The KCC runs at Read More
Group Policy Terminology and Concepts
What is Group Policy Group Policy is an Active Directory feature that provides the means for you to effectively and efficiently manage large numbers of computers. You can manage both user and computer configuration settings centrally, from one position of administration. You can define group policies as being a collection of user and computer configuration settings which you can link to the following components: Computers Sites Domains Organizational Units (OUs) Once linked, Group Policy defines the manner in which the operating system, network resources, and applications and programs operate for Read More
Backing Up and Restoring Active Directory
An Overview on Backing up and Restoring Active Directory To ensure availability of mission critical resources and network objects, and business continuity, you would need to perform back ups of Active Directory if it is running in your environment. This is because Active Directory normally hosts mission critical data, and resources. Backups are typically preformed for a number of reasons, including the following: Protect your network environment from the accidental deletion of, or modification of data, and from hardware failures: Having a readily accessible back up of Active Directory would Read More
How to Delegate Administrator Privileges in Active Directory
The primary reason to create organizational units is to distribute administrative tasks across the organization by delegating administrative control to other administrators. Delegation is especially important when a decentralized administrative model is developed. Delegation of administration is the process of decentralizing the responsibility for managing organizational units from a central administrator to other administrators. The ability to establish access to individual organizational units is an important security feature in Active Directory. Users can control access to the lowest level of an organization without having to create many active directory domains. Read More
Active Directory
Active Directory (AD) is a structure used on computers and servers running the Microsoft Windows operating system (OS). AD is used to store network, domain, and user information and was originally created by Microsoft in 1996. It was first deployed on Microsoft Windows 2000. Active directories provide a number of functions to include providing information regarding objects optimized for fast access and / or retrieval. This allows administrators to setup security, push computer updates, and acts as a hierarchical structure. The structure is normally configured in three categories to include: Read More
How to Backup Active Directory
Backing up Active Directory is essential to maintaining an Active Directory database. Users can back up Active Directory with the Graphical User Interface (GUI) and command-line tools that the Windows Server 2003 family provides. Users should frequently backup the system state data on domain controllers so that they can restore the most current data. By establishing a regular backup schedule, there is a better chance of recovering data when necessary. To ensure a good backup includes at least the system state data and contents of the system disk, the user Read More
Managing Recipient Objects, Address Lists, and Distribution and Administrative Groups
Recipient Objects Overview Active Directory objects such as user accounts, contacts and groups become recipient objects when e-mail address information is added to the object. The public folder is another type of recipient object. A public folder does not however usually have its own an email address. Exchange Server 2003 supports the following types of recipient objects: User recipient objects: This recipient object type is created and managed using the Active Directory Users And Computers management console. User recipient objects are associated with the user accounts in the Active Directory Read More
Share on: