Tuesday, February 12, 2008

Active Directory

Active Directory provides a method for designing a directory structure that meets the needs of the organization. Active Directory stores information about network resources, as well as all the services that make the information available and useful. The resources stored in the directory, such as user data, printers, servers, databases, groups, computers and security policies are known as objects.

An object is a distinct named set of attributes that represents a network resource. Object attributes are characteristics of objects in the directory. For example, the attributes of a user account might include the user’s first and last names, department, and email address.

The core unit of logical structure in Active Directory is the domain, which can store millions of objects. All network objects exist within a domain, and each domain stores information only about the objects it contains. Active Directory is made up of one or more domains. A domain can span more than one physical location. There are several new concepts introduced with Active Directory, including the global catalogue, replication, trust relationships, DNS namespaces, and naming conventions.

The primary Active Directory administration tasks are configuring and administering Active Directory, administering users and groups, securing network resources, administering the desktop computing environment, securing Active Directory, and managing Active Directory performance. The primary Windows 2000 Active Directory administration tools are the Active Directory administrative tools, Microsoft Management Console, and the Task Scheduler.

The Active Directory Installation Wizard
The Active Directory installation wizard can perform the following tasks:
Add a domain controller to an existing domain.
Create the first domain controller of a new domain
Create a new child domain
Create a new domain tree
Install a DNS server
Create the database and database log files
Create the shared system volume
Remove Active Directory services from a domain controller

To launch the Active Directory Installation Wizard, run Configure Your Server from the Administrative Tools menu of the Start menu.

As you install Active Directory, you can choose whether to add the new domain controller to an existing domain or create the first domain controller for a new domain.

User Account Administration

A user account provides a user with the ability to log on to the domain to gain access to network resources or to log on to a computer to gain access to resources on that computer. Each person who regularly uses the network should have a unique user account.

Windows 2000 provides different types of user accounts: local user accounts, domain user accounts, and built-in user accounts.

Local user account: With this account a user logs on to a specific computer to gain access to resources on that computer.

Domain user account: With this account a user can log on to the domain to gain access to network resources.

Built-in user accounts: These accounts are used to perform administrative tasks or to gain access to network resources.

Creating Local User Accounts:
1. Start -- Settings -- Control Panel -- Administrative Tools -- Computer Management
2. Expand the Local Users and Groups snap-in, right-click Users and select New User.


Local user accounts cannot be created on a domain controller; they can be created on client computers only.

Creating Domain User Accounts:
1. Start -- Programs -- Administrative Tools -- Active Directory Users and Computers
2. Click the domain, right-click the Users container, point to New, and click User.
3. In the New Object-User dialog box, set the domain user name options and click Next to obtain Password Properties.




User Account Properties

A set of default properties is associated with each user account that you create. After you create a user account, you can configure personal and account properties, logon options, and other settings. For domain users, these account properties equate to object attributes.

You can use the properties that you define for a domain user account to search for users in the directory or for use in other applications as objects’ attributes. For this reason, you should provide detailed definitions for each domain user account that you create.

a) Setting Personal Properties: Four of the tabs in the Properties dialog box contain personal information about each user account. These tabs are General, Address, Telephones, and Organization.

b) Setting Account Properties: Use the Account tab in the Properties dialog box to set options for a domain user account.



Setting Logon Hours: Set logon hours to control when a user can log on to the domain.
Setting the Computers from Which Users can Log On: Setting logon options for a domain user account allows you to control the computers from which a user can log on to the domain.
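
How these two restrictions look when user objects are exported from the directory, as an added example that is not part of the original post. It assumes the standard logonHours and userWorkstations attributes, and the accounts in it are constructed sample data.

```python
# Added example (not from the original post): decode the logon restrictions
# stored on exported user objects. SAMPLE_USERS is constructed sample data.
DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]

def decode_logon_hours(blob):
    """Map a 21-byte logonHours value to {day: [allowed hours, in UTC]}.

    The value holds one bit per hour of the week, starting Sunday 00:00 UTC;
    within each byte the least significant bit is the earliest hour.
    """
    if len(blob) != 21:
        raise ValueError("logonHours must be exactly 21 bytes (168 hours)")
    allowed = {day: [] for day in DAYS}
    for hour_of_week in range(168):
        byte, bit = divmod(hour_of_week, 8)
        if (blob[byte] >> bit) & 1:
            allowed[DAYS[hour_of_week // 24]].append(hour_of_week % 24)
    return allowed

def summarize(user):
    """Report one account's restrictions; a missing attribute means no limit."""
    hours = user.get("logonHours")
    stations = user.get("userWorkstations")  # comma-separated computer names
    total = 168 if hours is None else sum(
        len(h) for h in decode_logon_hours(hours).values())
    return {
        "name": user["sAMAccountName"],
        "allowed_hours_per_week": total,
        "workstations": stations.split(",") if stations else "any",
    }

def unrestricted(users):
    """Names of accounts with neither an hours nor a workstation limit."""
    return [u["sAMAccountName"] for u in users
            if u.get("logonHours") is None and not u.get("userWorkstations")]

# Constructed accounts: jsmith may log on Mon-Fri 08:00-18:00 UTC from two PCs.
SAMPLE_USERS = [
    {"sAMAccountName": "jsmith",
     "logonHours": bytes(3) + bytes([0x00, 0xFF, 0x03]) * 5 + bytes(3),
     "userWorkstations": "WS-FIN-01,WS-FIN-02"},
    {"sAMAccountName": "svc-backup"},  # neither restriction set
]

if __name__ == "__main__":
    for account in SAMPLE_USERS:
        print(summarize(account))
    print("no logon restrictions:", unrestricted(SAMPLE_USERS))
```

The dialog box shows logon hours in local time while the stored bits are in UTC, so a decoded schedule can appear shifted relative to what the administrator selected.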

Creating User Profiles
A user profile is a collection of folders and data that stores the user’s current desktop environment, application settings, and personal data. A user profile also contains all of the network connections that are established when a user logs on to a computer, such as Start menu items and mapped drives to network servers. User profiles maintain consistency for users in their desktop environments by providing each user with the same desktop environment that he or she had the last time that he or she logged on to the computer.

Advantages of User Profiles:
More than one user can use the same computer, and each receives desktop settings when he or she logs on.
When users log on to their workstation, they receive the desktop settings as they existed when they logged off.
Customization of the desktop environment by one user does not affect another user’s settings.
User profiles can be stored on a server so that they can follow users to any computer running Windows NT or Windows 2000 on the network. These are called roaming user profiles.
Application settings are retained for applications that are Windows 2000-certified.

Profile Types:
There are three types of user profiles:
1. Local User Profile: A local user profile is created the first time you log on to a computer and is stored on a computer’s local hard disk. Any changes made to your local user profile are specific to the computer on which you make the changes.


2. Roaming User Profile



