Synopses & Reviews
To relieve the pain you may feel when you first encounter Active Directory, this bestselling book gives you a thorough grounding in Microsoft's network directory service. Active Directory teaches you how to design, manage, and maintain an AD infrastructure, whether it's for a small business server shop or a multinational enterprise. This book is a major update to the very successful third edition. All of the existing chapters have been brought up to date with Windows Server 2008 changes, as well as updates in concepts and approaches to managing Active Directory and script updates. There are seven new chapters and one new appendix to explain features or concepts not covered in the third edition. Detailed and highly accurate, but unlike typical dry references, Active Directory presents concepts in an easy-to-understand narrative style. With this book, you will:
Get a complete review of all the new Windows 2008 features Learn how Active Directory works with server products like Exchange, SMS, and Office Communications Server Discover how to automate tasks through updated scripting and programming chapters Get advice on using command line tools as a more efficient option to the GUI Grasp concepts easily with the help of more images and diagrams
Ideal for administrators, IT professionals, project managers, and programmers alike, Active Directory is not only for people getting started with AD, it's also for experienced users who need to stay up to date with the latest AD features in Windows Server 2008. No wonder so many reviewers hail this book as the best resource on Active Directory.
Synopsis
To help you take full advantage of Active Directory, this fourth edition of this bestselling book gives you a thorough grounding in Microsoft's network directory service. With Active Directory, you'll learn how to design, manage, and maintain an AD infrastructure, whether it's for a small business network or a multinational enterprise with thousands of resources, services, and users.
This detailed and highly accurate volume covers Active Directory from its origins in Windows 2000 through Windows Server 2008. But unlike typical dry references, Active Directory presents concepts in an easy-to-understand, narrative style. With this book, you will:
- Get a complete review of all the new Windows 2008 features
- Learn how Active Directory works with Exchange and PowerShell
- Take advantage of the updated scripting and programming chapters to automate AD tasks
- Learn how to be more efficient with command-line tools
- Grasp concepts easily with the help of numerous screenshots and diagrams
Ideal for administrators, IT professionals, project managers, and programmers alike, Active Directory is not only for people getting started with AD, it's also for experienced users who need to stay up-to-date with the latest AD features in Windows Server 2008. It is no wonder this guide is the bestselling AD resource available.
Synopsis
ctive Directory, 4e will fit on the bookshelves of a large cross-section of IT professionals, including operations resources, enterprise architects, and consultants. Completely updated, it covers Active Directory from its origins in Windows 2000 to what will be present day with Windows 2008 and everything in between. Active Directory is a core piece of Microsoft's server offering and the central component of its overall identity management strategy. Practically every Windows shop has Active Directory deployed to some scale.
Synopsis
Design and Deployment of Microsoft's Active Directory
About the Author
Brian Desmond spends his days focused on Active Directory for some of the world's largest companies. A Microsoft MVP since 2004, Brian brings extensive knowledge of how Active Directory works and how to successfully run Active Directory deployments large and small.
Joe Richards is a consultant/admin/tool writer and Microsoft MVP for Windows Server Directory Services. Joe updated the second edition of Active Directory Cookbook for O'Reilly.
Robbie Allen is an author, entrepreneur, web industry veteran, and new father. His day job has been in IT for the last 12 years. He is the coauthor of Active Directory, 2nd Edition and the author of the Active Directory Cookbook.
Alistair G. Lowe-Norris is an Architectural Enterprise Strategy Consultant for Microsoft UK. During the writing of the first version of this book he worked for Leicester University as the project manager and technical lead of the Rapid Deployment Program for Windows 2000. During his time there, Leicester was part of Microsoft's U.K. and U.S. Rapid Deployment Programs for Windows 2000, and was responsible for rolling out what turned out to be one of the world's largest deployments of Windows 2000 preceding release of the final product. Since 1998 he has been the technical editor and a monthly columnist for the Windows Scripting Solutions magazine and a technical editor and author for Windows & .Net Magazine (previously Windows NT Magazine and Windows 2000 Magazine). In addition he is an author and editor for various other publications and online sites worldwide. He holds various Microsoft and other accreditations and has been using Windows 2000 and its descendents daily since October 1997. He lives in Leicester, UK.
Table of Contents
Preface; Intended Audience; Contents of the Book; Conventions Used in This Book; Using Code Examples; Safari® Books Online; How to Contact Us; Acknowledgments; Active Directory Basics; Chapter 1: A Brief Introduction; 1.1 Evolution of the Microsoft NOS; 1.2 Windows NT Versus Active Directory; 1.3 Windows 2000 Versus Windows Server 2003; 1.4 Windows Server 2003 Versus Windows Server 2003 R2; 1.5 Windows Server 2003 R2 Versus Windows Server 2008; 1.6 Summary; Chapter 2: Active Directory Fundamentals; 2.1 How Objects Are Stored and Identified; 2.2 Building Blocks; 2.3 Summary; Chapter 3: Naming Contexts and Application Partitions; 3.1 Domain Naming Context; 3.2 Configuration Naming Context; 3.3 Schema Naming Context; 3.4 Application Partitions; 3.5 Summary; Chapter 4: Active Directory Schema; 4.1 Structure of the Schema; 4.2 Attributes (attributeSchema Objects); 4.3 Attribute Properties; 4.4 Classes (classSchema Objects); 4.5 Summary; Chapter 5: Site Topology and Replication; 5.1 Site Topology; 5.2 How Replication Works; 5.3 Summary; Chapter 6: Active Directory and DNS; 6.1 DNS Fundamentals; 6.2 DC Locator; 6.3 Resource Records Used by Active Directory; 6.4 Delegation Options; 6.5 Active Directory Integrated DNS; 6.6 Using Application Partitions for DNS; 6.7 Aging and Scavenging; 6.8 Summary; Chapter 7: Read-Only Domain Controllers; 7.1 Prerequisites; 7.2 Password Replication Policies; 7.3 The Client Logon Process; 7.4 RODCs and Write Requests; 7.5 The W32Time Service; 7.6 Application Compatibility; 7.7 RODC Placement Considerations; 7.8 RODCs and Replication; 7.9 Administrator Role Separation; 7.10 Summary; Chapter 8: Group Policy Primer; 8.1 Capabilities of GPOs; 8.2 How Group Policies Work; 8.3 Managing Group Policies; 8.4 Troubleshooting Group Policy; 8.5 Summary; Chapter 9: Fine-Grained Password Policies; 9.1 Understanding Password Setting Objects; 9.2 Scenarios for Fine-Grained Password Policies; 9.3 Creating Password Setting Objects; 9.4 Managing Password Settings Objects; 9.5 Delegating Management of PSOs; 9.6 Summary; Designing an Active Directory Infrastructure; Chapter 10: Designing the Namespace; 10.1 The Complexities of a Design; 10.2 Where to Start; 10.3 Overview of the Design Process; 10.4 Domain Namespace Design; 10.5 Design of the Internal Domain Structure; 10.6 Other Design Considerations; 10.7 Design Examples; 10.8 Designing for the Real World; 10.9 Summary; Chapter 11: Creating a Site Topology; 11.1 Intrasite and Intersite Topologies; 11.2 Designing Sites and Links for Replication; 11.3 Examples; 11.4 Additional Resources; 11.5 Summary; Chapter 12: Designing Organization-Wide Group Policies; 12.1 Using GPOs to Help Design the Organizational Unit Structure; 12.2 Summary; Chapter 13: Active Directory Security: Permissions and Auditing; 13.1 Permission Basics; 13.2 Using the GUI to Examine Permissions; 13.3 Using the GUI to Examine Auditing; 13.4 Designing Permission Schemes; 13.5 Designing Auditing Schemes; 13.6 Real-World Examples; 13.7 Summary; Chapter 14: Designing and Implementing Schema Extensions; 14.1 Nominating Responsible People in Your Organization; 14.2 Thinking of Changing the Schema; 14.3 Creating Schema Extensions; 14.4 Summary; Chapter 15: Backup, Recovery, and Maintenance; 15.1 Backing Up Active Directory; 15.2 Restoring a Domain Controller; 15.3 Restoring Active Directory; 15.4 Working with Snapshots; 15.5 FSMO Recovery; 15.6 Restartable Directory Service; 15.7 DIT Maintenance; 15.8 Summary; Chapter 16: Upgrading to Windows Server 2003; 16.1 New Features in Windows Server 2003; 16.2 Differences with Windows 2000; 16.3 Functional Levels Explained; 16.4 Preparing for ADPrep; 16.5 Upgrade Process; 16.6 Post-Upgrade Tasks; 16.7 Summary; Chapter 17: Upgrading to Windows Server 2003 R2; 17.1 New Active Directory Features in Windows Server 2003 Service Pack 1; 17.2 Differences with Windows Server 2003; 17.3 New Active Directory Features in Windows Server 2003 R2; 17.4 Preparing for ADPrep; 17.5 Service Pack 1 Upgrade Process; 17.6 R2 Upgrade Process; 17.7 Summary; Chapter 18: Upgrading to Windows Server 2008; 18.1 New Features in Windows Server 2008; 18.2 Differences with Windows Server 2003; 18.3 Preparing for ADPrep; 18.4 Windows Server 2008 Upgrade Process; 18.5 Summary; Chapter 19: Integrating Microsoft Exchange; 19.1 A Quick Word about Exchange/AD Interaction; 19.2 Preparing Active Directory for Exchange; 19.3 Mail-Enabling Objects; 19.4 Summary; Chapter 20: Active Directory Lightweight Directory Service (a.k.a. ADAM); 20.1 ADAM Terms; 20.2 Differences Between AD and ADAM V1.0; 20.3 ADAM R2 Updates; 20.4 Active Directory Lightweight Directory Services Updates; 20.5 AD LDS Installation; 20.6 Tools; 20.7 ADAM Schema; 20.8 Using ADAM; 20.9 Summary; Scripting Active Directory with ADSI, ADO, and WMI; Chapter 21: Scripting with ADSI; 21.1 What Are All These Buzzwords?; 21.2 ADSI; 21.3 Simple Manipulation of ADSI Objects; 21.4 Summary; Chapter 22: IADs and the Property Cache; 22.1 The IADs Properties; 22.2 Manipulating the Property Cache; 22.3 Checking for Errors in VBScript; 22.4 Summary; Chapter 23: Using ADO for Searching; 23.1 The First Search; 23.2 Understanding Search Filters; 23.3 Optimizing Searches; 23.4 Advanced Search Function: SearchAD; 23.5 Summary; Chapter 24: Users and Groups; 24.1 Creating a Simple User Account; 24.2 Creating a Full-Featured User Account; 24.3 Creating Many User Accounts; 24.4 Modifying Many User Accounts; 24.5 Account Unlocker Utility; 24.6 Creating a Group; 24.7 Adding Members to a Group; 24.8 Evaluating Group Membership; 24.9 Summary; Chapter 25: Permissions and Auditing; 25.1 How to Create an ACE Using ADSI; 25.2 A Simple ADSI Example; 25.3 A Complex ADSI Example; 25.4 Creating Security Descriptors; 25.5 Listing the Security Descriptor of an Object; 25.6 Summary; Chapter 26: Extending the Schema and the Active Directory Snap-ins; 26.1 Modifying the Schema with ADSI; 26.2 Customizing the Active Directory Administrative Snap-ins; 26.3 Summary; Chapter 27: Scripting with WMI; 27.1 Origins of WMI; 27.2 WMI Architecture; 27.3 Getting Started with WMI Scripting; 27.4 WMI Tools; 27.5 Manipulating Services; 27.6 Querying the Event Logs; 27.7 Monitoring Trusts; 27.8 Monitoring Replication; 27.9 Summary; Chapter 28: Scripting DNS; 28.1 DNS Provider Overview; 28.2 Manipulating DNS Server Configuration; 28.3 Creating and Manipulating Zones; 28.4 Creating and Manipulating Resource Records; 28.5 Summary; Chapter 29: Programming the Directory with the .NET Framework; 29.1 Why .NET?; 29.2 Choosing a .NET Programming Language; 29.3 Choosing a Development Tool; 29.4 .NET Framework Versions; 29.5 Directory Services Programming Landscape; 29.6 .NET Directory Services Programming by Example; 29.7 Summary; Chapter 30: PowerShell Basics; 30.1 Exploring the PowerShell; 30.2 Working with the Pipeline; 30.3 Cmdlets; 30.4 Building PowerShell Scripts; 30.5 Using WMI; 30.6 Summary; Chapter 31: Scripting Active Directory with PowerShell; 31.1 Becoming Familiar with .NET; 31.2 Understanding Client-Side Processing; 31.3 Building the Lab Build Script; 31.4 Working with Forests and Domains; 31.5 Understanding Group Policy; 31.6 Summary; Chapter 32: Scripting Basic Exchange 2003 Tasks; 32.1 Notes on Managing Exchange; 32.2 Exchange Management Tools; 32.3 Mail-Enabling Versus Mailbox-Enabling; 32.4 Exchange Delegation; 32.5 Mail-Enabling a User; 32.6 Mail-Disabling a User; 32.7 Creating and Mail-Enabling a Contact; 32.8 Mail-Disabling a Contact; 32.9 Mail-Enabling a Group (Distribution List); 32.10 Mail-Disabling a Group; 32.11 Mailbox-Enabling a User; 32.12 Mailbox-Disabling a User (Mailbox Deletion); 32.13 Purging a Disconnected Mailbox; 32.14 Reconnecting a Disconnected Mailbox; 32.15 Moving a Mailbox; 32.16 Enumerating Disconnected Mailboxes; 32.17 Viewing Mailbox Sizes and Message Counts; 32.18 Viewing All Store Details of All Mailboxes on a Server; 32.19 Dumping All Store Details of All Mailboxes on All Servers in Exchange Org; 32.20 Summary; Chapter 33: Scripting Basic Exchange 2007 Tasks; 33.1 Exchange Scripting Notes; 33.2 Managing Users; 33.3 Managing Groups; 33.4 Summary; Colophon;