Mehr lesen
In-Depth Coverage for High-Level Active Directory Administrators If you're an Active Directory systems administrator, this comprehensive guide to the Windows Server 2003 R2 version of Active Directory offers you targeted solutions for the day-to-day requirements of managing a system.
Inhaltsverzeichnis
Introduction xxi
Part 1 Active Directory Design 1
Chapter 1 Active Directory Fundamentals 3
Do I Need Active Directory? 3
The Basics 4
What s New in R2? 9
Pre-Design Criteria 10
Coming Up Next 12
Chapter 2 Domain Name System Design 13
Tied Together 13
How to Resolve 14
Internal and External Name Options 21
Understanding the Current DNS Infrastructure 22
That Other DNS Server 23
Propagating the Changes 24
Protecting DNS 27
Keeping the System Accurate 33
Coming Up Next 37
Chapter 3 Active Directory Forest and Domain Design 39
Active Directory Forest Design Criteria 40
Multiple Forests: Pros and Cons 47
Forest Functionality Mode Features in Windows 2003 52
Active Directory Domain Design 55
Active Directory Domain Design Criteria 55
Multiple Domains: Pros and Cons 58
Coming Up Next 72
Chapter 4 Organizing the Physical and Logical Aspects of Active Directory 73
Determining the Site Topology 73
Understanding the Current Network Infrastructure 76
Setting Your Sites to Support the Active Directory Design 78
Designing Site Links and Site Link Bridges 81
Organizational Unit Design 84
Designing OUs for Group Policy 94
Coming Up Next 112
Chapter 5 Flexible Single Master Operations Design 113
What Are the FSMO Roles? 113
Choosing Flexible Single Master Operations Placement 117
Coming Up Next 120
Part 2 Active Directory Management 121
Chapter 6 Managing Accounts: User, Group, and Computer 123
Account Types 123
Utilities 147
Coming Up Next 173
Chapter 7 Managing Access with Active Directory Services 175
Active Directory Federation Services 176
Configuring Clients 196
Identity Management for Unix 198
Coming Up Next 219
Chapter 8 Maintaining Organizational Units 221
Organizational Units 221
User Rights and Permissions When Accessing Resources 227
Permissions 230
Delegation of Control 234
Auditing 239
Moving Objects in Active Directory 244
Coming Up Next 248
Chapter 9 Managing Group Policy 249
Group Policy Management Tools 249
Working with ADU&C or ADS&S 250
Group Policy Management Console (GPMC) 251
Administrative Templates 260
Group Policy Inheritance 261
Group Policy Storage 263
Group Policy Processing 264
Group Policy Troubleshooting 267
Practical Uses of Group Policy 269
Coming Up Next 274
Chapter 10 Managing Site Boundaries 275
Replication within Active Directory 275
Coming Up Next 293
Chapter 11 Managing the Flexible Single Master Operations Roles 295
Identifying the Role Holders 295
Maintaining the Role Holders 303
Coming Up Next 316
Chapter 12 Maintaining the Active Directory Database 317
The Active Directory Database 318
The Active Directory Schema 333
Modifying the Schema 335
Coming Up Next 336
Part 3 Troubleshooting Active Directory 337
Chapter 13 Microsoft s Troubleshooting Methodology for Active Directory 339
High-Level Methodology 339
Coming Up Next 351
Chapter 14 Troubleshooting Problems Related to Network Infrastructure 353
Components of Network Infrastructure 353
Name Resolution Methods 353
Methodologies of Network Troubleshooting 364
Coming Up Next 378
Chapter 15 Troubleshooting Problems Related to the Active Directory Database 379
Active Directory File 379
Troubleshooting Active Directory Replication 383
Replication Overview 383
Determining DNS Problems 383
Verifying Replication 386
Controlling Replication in Large Organizations 390
Best Practices for Troubleshooting AD Replication 391
Troubleshooting FSMO Roles 391
FSMO Roles and Their Importance 391
Transferring and Seizing FSMO Roles 395
Best Practices for Troubleshooting FSMO Roles 401
Troubleshooting Logon Failures 401
Auditing for Logon Problems 401
Native Mode Logon Problems 407
Account Lockout Problems 408
Remote Access Issues 412
Are You Being Attacked? 412
