| Acknowledgments | p. xxi |
| Introduction | p. xxiii |
| Introducing Active Directory | |
| The Active Directory Environment | p. 3 |
| What is Active Directory? | p. 4 |
| Flexible Security | p. 6 |
| DNS Integration | p. 8 |
| Fault Tolerance and Bandwidth Management | p. 10 |
| The Data Storehouse | p. 12 |
| Uniform Interface | p. 15 |
| Summary | p. 16 |
| Active Directory Concepts | p. 17 |
| Mixed Mode and Native Mode | p. 19 |
| A Closer Look at the Active Directory Network | p. 21 |
| Operations Masters | p. 23 |
| Multiple Domains | p. 27 |
| Naming Objects in Active Directory | p. 31 |
| Summary | p. 36 |
| Setting Up Your Network | |
| Active Directory with TCP/IP and DNS | p. 39 |
| Active Directory and DNS | p. 40 |
| How DNS Works | p. 40 |
| The DNS Namespace | p. 45 |
| Understanding Zones | p. 46 |
| Active Directory--Integrated Zones | p. 48 |
| Dynamic Updates | p. 48 |
| How Active Directory Uses DNS | p. 50 |
| Installing DNS Server | p. 52 |
| Configuring DNS | p. 53 |
| Migrating DNS Data to Windows 2000 DNS Server | p. 67 |
| Interoperating with Other DNS Servers | p. 68 |
| Sites and Subnets in Active Directory | p. 69 |
| Subnets and Sites | p. 70 |
| Configuring Active Directory Sites | p. 71 |
| Defining Active Directory Subnets | p. 74 |
| Placing Servers in Sites | p. 76 |
| Summary | p. 79 |
| Understanding Replication | p. 81 |
| Replication and Active Directory | p. 82 |
| Replication Topology | p. 91 |
| Replication and the KCC | p. 92 |
| Connection Objects | p. 93 |
| Managing Intrasite Replication | p. 94 |
| Viewing Connection Objects and Properties | p. 96 |
| Creating a New Connection Object | p. 98 |
| Checking the Replication Topology | p. 100 |
| Forcing Replication Manually | p. 101 |
| Intersite Replication | p. 102 |
| Configuring Site Links | p. 104 |
| Configuring Site Link Bridges | p. 109 |
| Configuring a Preferred Bridgehead Server | p. 113 |
| Managing and Monitoring Replication | p. 115 |
| Repadmin | p. 115 |
| Replication Monitor | p. 117 |
| Performance Monitor | p. 129 |
| Network Monitor | p. 131 |
| Summary | p. 132 |
| Users and Groups | p. 133 |
| A Quick Look at Windows NT and Windows 2000 Security | p. 134 |
| Understanding Groups | p. 135 |
| Distribution Groups | p. 136 |
| Security Groups | p. 136 |
| Predefined and Built-In Groups | p. 140 |
| Managing Users and Groups | p. 142 |
| Creating New Users | p. 143 |
| Adding or Removing Users from Groups | p. 146 |
| Viewing and Modifying User Properties | p. 149 |
| Moving Users | p. 154 |
| Deleting, Disabling, and Renaming User Accounts | p. 156 |
| Creating or Deleting a User Principal Name (UPN) Suffix | p. 157 |
| Creating Groups | p. 159 |
| Adding or Removing Groups from Other Groups | p. 161 |
| Viewing and Modifying Group Properties | p. 162 |
| Moving Groups | p. 163 |
| Deleting Groups | p. 163 |
| Assigning Permissions | p. 164 |
| Ownership | p. 167 |
| Setting Inheritance | p. 168 |
| Delegation of Control | p. 170 |
| Summary | p. 172 |
| Group Policy | p. 173 |
| What Is Group Policy? | p. 174 |
| A Look at Policy in Active Directory | p. 176 |
| Local Policy | p. 176 |
| Default Policy | p. 178 |
| Group Policy Objects | p. 179 |
| System Policy | p. 179 |
| Setting Up Group Policy | p. 180 |
| How Group Policies Are Processed | p. 184 |
| Where Group Policies Are Stored | p. 186 |
| How Group Policies Interact | p. 187 |
| Creating a Group Policy Snap-In | p. 188 |
| Understanding Group Policy Options | p. 191 |
| Templates | p. 192 |
| Links | p. 194 |
| Filtering Group Policy | p. 195 |
| Setting Group Policies that Control Group Policy | p. 197 |
| Specifying a Domain Controller | p. 197 |
| Group Policy Strategies | p. 201 |
| Summary | p. 203 |
| Setting Up Active Directory | p. 205 |
| The Deployment Process | p. 206 |
| Do You Really Need Active Directory? | p. 207 |
| Planning and Implementing a Test Site | p. 209 |
| Planning and Implementing a Pilot Site | p. 211 |
| Planning Your Active Directory Network | p. 212 |
| Axioms, Tips, and Best Practices | p. 215 |
| Planning Your Active Directory Rollout | p. 222 |
| Executing Your Active Directory Rollout | p. 230 |
| Active Directory System Requirements | p. 231 |
| Installing Windows 2000 | p. 232 |
| Important Setup Procedures | p. 250 |
| Installing the Windows 2000 Support Tools | p. 250 |
| Switching to Native Mode | p. 251 |
| Configuring Global Catalog Servers | p. 252 |
| Creating an OU | p. 252 |
| Delegating Control of an OU | p. 253 |
| Moving Objects | p. 254 |
| Demoting a Domain Controller | p. 254 |
| Summary | p. 255 |
| Managing Active Directory | p. 257 |
| Backing Up and Restoring the Active Directory | p. 258 |
| Backing Up System State Data | p. 260 |
| Replication Restore | p. 261 |
| Nonauthoritative Restore | p. 262 |
| Authoritative Restore | p. 264 |
| Modifying the Directory | p. 265 |
| Managing Files and Folders in Active Directory | p. 280 |
| Publishing Folders | p. 280 |
| Managing Files and Folders through Group Policy | p. 283 |
| Managing Printers in Active Directory | p. 286 |
| Managing Software in Active Directory | p. 289 |
| Assigning Software | p. 291 |
| Publishing Software | p. 293 |
| Creating a .zap File | p. 294 |
| Configuring Software Installation Policy Properties | p. 295 |
| Managing the User Desktop Through Group Policy | p. 297 |
| Folder Redirection | p. 298 |
| Managing Operations Masters | p. 300 |
| Reassigning the Schema Master | p. 300 |
| Reassigning the Domain Naming Master | p. 301 |
| Reassigning the RID Master, PDC Emulator, or Infrastructure Master | p. 302 |
| Summary | p. 303 |
| Active Directory Clients | p. 305 |
| Understanding Client Options | p. 306 |
| Windows 2000 Professional Hardware Requirements | p. 308 |
| Windows 2000 Clients | p. 311 |
| Windows NT Clients | p. 312 |
| Windows 95/98 Clients | p. 312 |
| Clients from Other Networking Systems | p. 314 |
| Address Book | p. 315 |
| Managing Clients | p. 316 |
| Computer Management Tool | p. 317 |
| AD Users and Computers | p. 318 |
| Managing the Network from Clients | p. 331 |
| Summary | p. 333 |
| Mastering Active Directory | |
| Active Directory Schema | p. 337 |
| What Is the Schema? | p. 338 |
| Attributes, Syntaxes, and Schema Classes | p. 341 |
| The Schema Cache | p. 346 |
| Modifying the Schema | p. 349 |
| Schema Changes and the Schema Master | p. 351 |
| Generating an X.500 Object ID | p. 354 |
| Working with Active Directory Schema | p. 356 |
| Working with ADSI Editor | p. 372 |
| Summary | p. 376 |
| Active Directory Security | p. 377 |
| Kerberos | p. 378 |
| What Is Kerberos? | p. 379 |
| How Does Kerberos Work in Windows 2000? | p. 384 |
| Configuring Kerberos | p. 387 |
| Interoperating Windows 2000 Kerberos | p. 394 |
| What Kerberos Doesn't Prevent | p. 397 |
| Understanding Security Policy | p. 398 |
| Account Policies | p. 400 |
| Local Policies | p. 402 |
| Event Log | p. 405 |
| Restricted Groups | p. 405 |
| System Services | p. 407 |
| Registry | p. 408 |
| File System | p. 410 |
| Public Key Policies | p. 411 |
| IP Security Policies | p. 411 |
| Summary | p. 432 |
| Scripting Active Directory | p. 433 |
| Scripting in the Active Directory Environment | p. 434 |
| Interfaces | p. 435 |
| What Is Windows Scripting Host? | p. 438 |
| Configuring Script Files | p. 439 |
| cscript.exe | p. 442 |
| wscript.exe | p. 443 |
| Setting the Default Scripting Host | p. 444 |
| Debugging Scripts | p. 444 |
| Logon Scripts | p. 446 |
| User Logon Scripts | p. 447 |
| Policy Scripts | p. 448 |
| Built-in Scripts | p. 451 |
| Executing Scripts Automatically | p. 452 |
| Running UNIX Scripts in Windows 2000 | p. 457 |
| Summary | p. 458 |
| Interoperating Windows 2000 | p. 459 |
| Windows 2000 and NetWare | p. 460 |
| Configuring Windows 2000 for NetWare | p. 460 |
| Services for NetWare | p. 473 |
| Windows 2000 and UNIX-Based Systems | p. 474 |
| Connectivity Utilities | p. 476 |
| Interoperating Printers with UNIX | p. 488 |
| Telnet Server | p. 490 |
| Simple TCP/IP Services | p. 496 |
| Services for UNIX | p. 497 |
| Windows 2000 and Macintosh | p. 498 |
| File Services for Macintosh | p. 500 |
| Print Services for Macintosh | p. 510 |
| Supporting AppleTalk | p. 515 |
| Active Directory in the Microsoft Exchange Environment | p. 519 |
| Organizing and Optimizing Connection Agreements | p. 524 |
| Implementing an Exchange Server Connection | p. 525 |
| Managing the Active Directory Connector | p. 532 |
| Summary | p. 535 |
| Index | p. 537 |
| Table of Contents provided by Syndetics. All Rights Reserved. |
