Acknowledgments | p. xxi |
Introduction | p. xxiii |
Introducing Active Directory | |
The Active Directory Environment | p. 3 |
What is Active Directory? | p. 4 |
Flexible Security | p. 6 |
DNS Integration | p. 8 |
Fault Tolerance and Bandwidth Management | p. 10 |
The Data Storehouse | p. 12 |
Uniform Interface | p. 15 |
Summary | p. 16 |
Active Directory Concepts | p. 17 |
Mixed Mode and Native Mode | p. 19 |
A Closer Look at the Active Directory Network | p. 21 |
Operations Masters | p. 23 |
Multiple Domains | p. 27 |
Naming Objects in Active Directory | p. 31 |
Summary | p. 36 |
Setting Up Your Network | |
Active Directory with TCP/IP and DNS | p. 39 |
Active Directory and DNS | p. 40 |
How DNS Works | p. 40 |
The DNS Namespace | p. 45 |
Understanding Zones | p. 46 |
Active Directory--Integrated Zones | p. 48 |
Dynamic Updates | p. 48 |
How Active Directory Uses DNS | p. 50 |
Installing DNS Server | p. 52 |
Configuring DNS | p. 53 |
Migrating DNS Data to Windows 2000 DNS Server | p. 67 |
Interoperating with Other DNS Servers | p. 68 |
Sites and Subnets in Active Directory | p. 69 |
Subnets and Sites | p. 70 |
Configuring Active Directory Sites | p. 71 |
Defining Active Directory Subnets | p. 74 |
Placing Servers in Sites | p. 76 |
Summary | p. 79 |
Understanding Replication | p. 81 |
Replication and Active Directory | p. 82 |
Replication Topology | p. 91 |
Replication and the KCC | p. 92 |
Connection Objects | p. 93 |
Managing Intrasite Replication | p. 94 |
Viewing Connection Objects and Properties | p. 96 |
Creating a New Connection Object | p. 98 |
Checking the Replication Topology | p. 100 |
Forcing Replication Manually | p. 101 |
Intersite Replication | p. 102 |
Configuring Site Links | p. 104 |
Configuring Site Link Bridges | p. 109 |
Configuring a Preferred Bridgehead Server | p. 113 |
Managing and Monitoring Replication | p. 115 |
Repadmin | p. 115 |
Replication Monitor | p. 117 |
Performance Monitor | p. 129 |
Network Monitor | p. 131 |
Summary | p. 132 |
Users and Groups | p. 133 |
A Quick Look at Windows NT and Windows 2000 Security | p. 134 |
Understanding Groups | p. 135 |
Distribution Groups | p. 136 |
Security Groups | p. 136 |
Predefined and Built-In Groups | p. 140 |
Managing Users and Groups | p. 142 |
Creating New Users | p. 143 |
Adding or Removing Users from Groups | p. 146 |
Viewing and Modifying User Properties | p. 149 |
Moving Users | p. 154 |
Deleting, Disabling, and Renaming User Accounts | p. 156 |
Creating or Deleting a User Principal Name (UPN) Suffix | p. 157 |
Creating Groups | p. 159 |
Adding or Removing Groups from Other Groups | p. 161 |
Viewing and Modifying Group Properties | p. 162 |
Moving Groups | p. 163 |
Deleting Groups | p. 163 |
Assigning Permissions | p. 164 |
Ownership | p. 167 |
Setting Inheritance | p. 168 |
Delegation of Control | p. 170 |
Summary | p. 172 |
Group Policy | p. 173 |
What Is Group Policy? | p. 174 |
A Look at Policy in Active Directory | p. 176 |
Local Policy | p. 176 |
Default Policy | p. 178 |
Group Policy Objects | p. 179 |
System Policy | p. 179 |
Setting Up Group Policy | p. 180 |
How Group Policies Are Processed | p. 184 |
Where Group Policies Are Stored | p. 186 |
How Group Policies Interact | p. 187 |
Creating a Group Policy Snap-In | p. 188 |
Understanding Group Policy Options | p. 191 |
Templates | p. 192 |
Links | p. 194 |
Filtering Group Policy | p. 195 |
Setting Group Policies that Control Group Policy | p. 197 |
Specifying a Domain Controller | p. 197 |
Group Policy Strategies | p. 201 |
Summary | p. 203 |
Setting Up Active Directory | p. 205 |
The Deployment Process | p. 206 |
Do You Really Need Active Directory? | p. 207 |
Planning and Implementing a Test Site | p. 209 |
Planning and Implementing a Pilot Site | p. 211 |
Planning Your Active Directory Network | p. 212 |
Axioms, Tips, and Best Practices | p. 215 |
Planning Your Active Directory Rollout | p. 222 |
Executing Your Active Directory Rollout | p. 230 |
Active Directory System Requirements | p. 231 |
Installing Windows 2000 | p. 232 |
Important Setup Procedures | p. 250 |
Installing the Windows 2000 Support Tools | p. 250 |
Switching to Native Mode | p. 251 |
Configuring Global Catalog Servers | p. 252 |
Creating an OU | p. 252 |
Delegating Control of an OU | p. 253 |
Moving Objects | p. 254 |
Demoting a Domain Controller | p. 254 |
Summary | p. 255 |
Managing Active Directory | p. 257 |
Backing Up and Restoring the Active Directory | p. 258 |
Backing Up System State Data | p. 260 |
Replication Restore | p. 261 |
Nonauthoritative Restore | p. 262 |
Authoritative Restore | p. 264 |
Modifying the Directory | p. 265 |
Managing Files and Folders in Active Directory | p. 280 |
Publishing Folders | p. 280 |
Managing Files and Folders through Group Policy | p. 283 |
Managing Printers in Active Directory | p. 286 |
Managing Software in Active Directory | p. 289 |
Assigning Software | p. 291 |
Publishing Software | p. 293 |
Creating a .zap File | p. 294 |
Configuring Software Installation Policy Properties | p. 295 |
Managing the User Desktop Through Group Policy | p. 297 |
Folder Redirection | p. 298 |
Managing Operations Masters | p. 300 |
Reassigning the Schema Master | p. 300 |
Reassigning the Domain Naming Master | p. 301 |
Reassigning the RID Master, PDC Emulator, or Infrastructure Master | p. 302 |
Summary | p. 303 |
Active Directory Clients | p. 305 |
Understanding Client Options | p. 306 |
Windows 2000 Professional Hardware Requirements | p. 308 |
Windows 2000 Clients | p. 311 |
Windows NT Clients | p. 312 |
Windows 95/98 Clients | p. 312 |
Clients from Other Networking Systems | p. 314 |
Address Book | p. 315 |
Managing Clients | p. 316 |
Computer Management Tool | p. 317 |
AD Users and Computers | p. 318 |
Managing the Network from Clients | p. 331 |
Summary | p. 333 |
Mastering Active Directory | |
Active Directory Schema | p. 337 |
What Is the Schema? | p. 338 |
Attributes, Syntaxes, and Schema Classes | p. 341 |
The Schema Cache | p. 346 |
Modifying the Schema | p. 349 |
Schema Changes and the Schema Master | p. 351 |
Generating an X.500 Object ID | p. 354 |
Working with Active Directory Schema | p. 356 |
Working with ADSI Editor | p. 372 |
Summary | p. 376 |
Active Directory Security | p. 377 |
Kerberos | p. 378 |
What Is Kerberos? | p. 379 |
How Does Kerberos Work in Windows 2000? | p. 384 |
Configuring Kerberos | p. 387 |
Interoperating Windows 2000 Kerberos | p. 394 |
What Kerberos Doesn't Prevent | p. 397 |
Understanding Security Policy | p. 398 |
Account Policies | p. 400 |
Local Policies | p. 402 |
Event Log | p. 405 |
Restricted Groups | p. 405 |
System Services | p. 407 |
Registry | p. 408 |
File System | p. 410 |
Public Key Policies | p. 411 |
IP Security Policies | p. 411 |
Summary | p. 432 |
Scripting Active Directory | p. 433 |
Scripting in the Active Directory Environment | p. 434 |
Interfaces | p. 435 |
What Is Windows Scripting Host? | p. 438 |
Configuring Script Files | p. 439 |
cscript.exe | p. 442 |
wscript.exe | p. 443 |
Setting the Default Scripting Host | p. 444 |
Debugging Scripts | p. 444 |
Logon Scripts | p. 446 |
User Logon Scripts | p. 447 |
Policy Scripts | p. 448 |
Built-in Scripts | p. 451 |
Executing Scripts Automatically | p. 452 |
Running UNIX Scripts in Windows 2000 | p. 457 |
Summary | p. 458 |
Interoperating Windows 2000 | p. 459 |
Windows 2000 and NetWare | p. 460 |
Configuring Windows 2000 for NetWare | p. 460 |
Services for NetWare | p. 473 |
Windows 2000 and UNIX-Based Systems | p. 474 |
Connectivity Utilities | p. 476 |
Interoperating Printers with UNIX | p. 488 |
Telnet Server | p. 490 |
Simple TCP/IP Services | p. 496 |
Services for UNIX | p. 497 |
Windows 2000 and Macintosh | p. 498 |
File Services for Macintosh | p. 500 |
Print Services for Macintosh | p. 510 |
Supporting AppleTalk | p. 515 |
Active Directory in the Microsoft Exchange Environment | p. 519 |
Organizing and Optimizing Connection Agreements | p. 524 |
Implementing an Exchange Server Connection | p. 525 |
Managing the Active Directory Connector | p. 532 |
Summary | p. 535 |
Index | p. 537 |
Table of Contents provided by Syndetics. All Rights Reserved. |