Synopses & Reviews
Working with Microsoft's network directory service for the first time can be a headache for system and network administrators, IT professionals, technical project managers, and programmers alike. This authoritative guide is meant to relieve that pain. Instead of going through the graphical user interface screen by screen, O'Reilly's bestselling Active Directory tells you how to design, manage, and maintain a small, medium, or enterprise Active Directory infrastructure.
Fully updated to cover Active Directory for Windows Server 2003 SP1 and R2, this third edition is full of important updates and corrections. It's perfect for all Active Directory administrators, whether you manage a single server or a global multinational with thousands of servers.
Active Directory, 3rd Edition is divided into three parts. Part I introduces much of how Active Directory works, giving you a thorough grounding in its concepts. Some of the topics include Active Directory replication, the schema, application partitions, group policies, and interaction with DNS. Part II details the issues around properly designing the directory infrastructure. Topics include designing the namespace, creating a site topology, designing group policies for locking down client settings, auditing, permissions, backup and recovery, and a look at Microsoft's future direction with Directory Services. Part III covers how to create and manipulate users, groups, printers, and other objects that you may need in your everyday management of Active Directory.
If you want a book that lays bare the design and management of an enterprise or departmental Active Directory, then look no further. Active Directory, 3rd Edition will quickly earn its place among the books you don't want to be without.
About the Author
Joe Richards is a consultant/admin/tool writer and Microsoft MVP for Windows Server Directory Services. Joe updated the second edition of Active Directory Cookbook for O'Reilly.
Alistair G. Lowe-Norris is an Architectural Enterprise Strategy Consultant for Microsoft UK. During the writing of the first version of this book he worked for Leicester University as the project manager and technical lead of the Rapid Deployment Program for Windows 2000. During his time there, Leicester was part of Microsoft's U.K. and U.S. Rapid Deployment Programs for Windows 2000, and was responsible for rolling out what turned out to be one of the world's largest deployments of Windows 2000 preceding release of the final product. Since 1998 he has been the technical editor and a monthly columnist for the Windows Scripting Solutions magazine and a technical editor and author for Windows & .Net Magazine (previously Windows NT Magazine and Windows 2000 Magazine). In addition he is an author and editor for various other publications and online sites worldwide. He holds various Microsoft and other accreditations and has been using Windows 2000 and its descendents daily since October 1997. He lives in Leicester, UK.
Table of Contents
Preface; Intended Audience; Contents of the Book; Conventions Used in This Book; Using Code Examples; How to Contact Us; Safari Enabled; Acknowledgments; Part I: Active Directory Basics; Chapter 1: A Brief Introduction; 1.1 Evolution of the Microsoft NOS; 1.2 Windows NT Versus Active Directory; 1.3 Windows 2000 Versus Windows Server 2003; 1.4 Windows Server 2003 Versus Windows Server 2003 R2; 1.5 Summary; Chapter 2: Active Directory Fundamentals; 2.1 How Objects Are Stored and Identified; 2.2 Building Blocks; 2.3 Summary; Chapter 3: Naming Contexts and Application Partitions; 3.1 Domain Naming Context; 3.2 Configuration Naming Context; 3.3 Schema Naming Context; 3.4 Application Partitions; 3.5 Summary; Chapter 4: Active Directory Schema; 4.1 Structure of the Schema; 4.2 Attributes (attributeSchema Objects); 4.3 Attribute Properties; 4.4 Classes (classSchema Objects); 4.5 Summary; Chapter 5: Site Topology and Replication; 5.1 Site Topology; 5.2 Data Replication; 5.3 Summary; Chapter 6: Active Directory and DNS; 6.1 DNS Fundamentals; 6.2 DC Locator; 6.3 Resource Records Used by Active Directory; 6.4 Delegation Options; 6.5 Active Directory Integrated DNS; 6.6 Using Application Partitions for DNS; 6.7 Summary; Chapter 7: Profiles and Group Policy Primer; 7.1 A Profile Primer; 7.2 Capabilities of GPOs; 7.3 Additional Resources; 7.4 Summary; Part II: Designing an Active Directory Infrastructure; Chapter 8: Designing the Namespace; 8.1 The Complexities of a Design; 8.2 Where to Start; 8.3 Overview of the Design Process; 8.4 Domain Namespace Design; 8.5 Design of the Internal Domain Structure; 8.6 Other Design Considerations; 8.7 Design Examples; 8.8 Designing for the Real World; 8.9 Summary; Chapter 9: Creating a Site Topology; 9.1 Intrasite and Intersite Topologies; 9.2 Designing Sites and Links for Replication; 9.3 Examples; 9.4 Additional Resources; 9.5 Summary; Chapter 10: Designing Organization-Wide Group Policies; 10.1 How GPOs Work; 10.2 Managing Group Policies; 10.3 Using GPOs to Help Design the Organizational Unit Structure; 10.4 Debugging Group Policies; 10.5 Summary; Chapter 11: Active Directory Security: Permissions and Auditing; 11.1 Permission Basics; 11.2 Using the GUI to Examine Permissions; 11.3 Using the GUI to Examine Auditing; 11.4 Designing Permission Schemes; 11.5 Designing Auditing Schemes; 11.6 Real-World Examples; 11.7 Summary; Chapter 12: Designing and Implementing Schema Extensions; 12.1 Nominating Responsible People in Your Organization; 12.2 Thinking of Changing the Schema; 12.3 Creating Schema Extensions; 12.4 Summary; Chapter 13: Backup, Recovery, and Maintenance; 13.1 Backing Up Active Directory; 13.2 Restoring a Domain Controller; 13.3 Restoring Active Directory; 13.4 FSMO Recovery; 13.5 DIT Maintenance; 13.6 Summary; Chapter 14: Upgrading to Windows Server 2003; 14.1 New Features in Windows Server 2003; 14.2 Differences with Windows 2000; 14.3 Functional Levels Explained; 14.4 Preparing for ADPrep; 14.5 Upgrade Process; 14.6 Post-Upgrade Tasks; 14.7 Summary; Chapter 15: Upgrading to Windows Server 2003 R2; 15.1 New Active Directory Features in Windows Server 2003 Service Pack 1; 15.2 Differences with Windows Server 2003; 15.3 New Active Directory Features in Windows Server 2003 R2; 15.4 Preparing for ADPrep; 15.5 Service Pack 1 Upgrade Process; 15.6 R2 Upgrade Process; 15.7 Summary; Chapter 16: Migrating from Windows NT; 16.1 The Principles of Upgrading Windows NT Domains; 16.2 Summary; Chapter 17: Integrating Microsoft Exchange; 17.1 A Quick Word About Exchange/AD Interaction; 17.2 Preparing Active Directory for Exchange; 17.3 Exchange 5.5 and the Active Directory Connector; 17.4 Summary; Chapter 18: Active Directory Application Mode (ADAM); 18.1 ADAM Terms; 18.2 Differences Between AD and ADAM V1.0; 18.3 ADAM R2 Updates; 18.4 ADAM R2 Installation; 18.5 Tools; 18.6 ADAM Schema; 18.7 Using ADAM; 18.8 Summary; Chapter 19: Interoperability, Integration, and Future Direction; 19.1 Microsoft's Directory Strategy; 19.2 Interoperating with Other Directories; 19.3 Integrating Applications and Services; 19.4 Summary; Part III: Scripting Active Directory with ADSI, ADO, and WMI; Chapter 20: Scripting with ADSI; 20.1 What Are All These Buzzwords?; 20.2 Writing and Running Scripts; 20.3 ADSI; 20.4 Simple Manipulation of ADSI Objects; 20.5 Further Information; 20.6 Summary; Chapter 21: IADs and the Property Cache; 21.1 The IADs Properties; 21.2 Manipulating the Property Cache; 21.3 Checking for Errors in VBScript; 21.4 Summary; Chapter 22: Using ADO for Searching; 22.1 The First Search; 22.2 Other Ways of Connecting and Retrieving Results; 22.3 Understanding Search Filters; 22.4 Optimizing Searches; 22.5 Advanced Search Function: SearchAD; 22.6 Summary; Chapter 23: Users and Groups; 23.1 Creating a Simple User Account; 23.2 Creating a Full-Featured User Account; 23.3 Creating Many User Accounts; 23.4 Modifying Many User Accounts; 23.5 Account Unlocker Utility; 23.6 Creating a Group; 23.7 Adding Members to a Group; 23.8 Evaluating Group Membership; 23.9 Summary; Chapter 24: Basic Exchange Tasks; 24.1 Notes on Managing Exchange; 24.2 Exchange Management Tools; 24.3 Mail-Enabling Versus Mailbox-Enabling; 24.4 Exchange Delegation; 24.5 Mail-Enabling a User; 24.6 Mail-Disabling a User; 24.7 Creating and Mail-Enabling a Contact; 24.8 Mail-Disabling a Contact; 24.9 Mail-Enabling a Group (Distribution List); 24.10 Mail-Disabling a Group; 24.11 Mailbox-Enabling a User; 24.12 Mailbox-Disabling a User (Mailbox Deletion); 24.13 Purging a Disconnected Mailbox; 24.14 Reconnecting a Disconnected Mailbox; 24.15 Moving a Mailbox; 24.16 Enumerating Disconnected Mailboxes; 24.17 Viewing Mailbox Sizes and Message Counts; 24.18 Viewing All Store Details of All Mailboxes on a Server; 24.19 Dumping All Store Details of All Mailboxes on All Servers in Exchange Org; 24.20 Summary; Chapter 25: Shares and Print Queues; 25.1 The Interface Methods and Properties; 25.2 Creating and Manipulating Shares with ADSI; 25.3 Enumerating Sessions and Resources; 25.4 Manipulating Print Queues and Print Jobs; 25.5 Summary; Chapter 26: Permissions and Auditing; 26.1 How to Create an ACE Using ADSI; 26.2 A Simple ADSI Example; 26.3 A Complex ADSI Example; 26.4 Creating Security Descriptors; 26.5 Listing the Security Descriptor of an Object; 26.6 Summary; Chapter 27: Extending the Schema and the Active Directory Snap-ins; 27.1 Modifying the Schema with ADSI; 27.2 Customizing the Active Directory Administrative Snap-ins; 27.3 Summary; Chapter 28: Using ADSI and ADO from ASP or VB; 28.1 VBScript Limitations and Solutions; 28.2 How to Avoid Problems When Using ADSI and ASP; 28.3 Combining VBScript and HTML; 28.4 Binding to Objects via Authentication; 28.5 Incorporating Searches into ASP; 28.6 Migrating Your ADSI Scripts from VBScript to VB; 28.7 Summary; Chapter 29: Scripting with WMI; 29.1 Origins of WMI; 29.2 WMI Architecture; 29.3 Getting Started with WMI Scripting; 29.4 WMI Tools; 29.5 Manipulating Services; 29.6 Querying the Event Logs; 29.7 Querying AD with WMI; 29.8 Monitoring Trusts; 29.9 Monitoring Replication; 29.10 Summary; Chapter 30: Manipulating DNS; 30.1 DNS Provider Overview; 30.2 Manipulating DNS Server Configuration; 30.3 Creating and Manipulating Zones; 30.4 Creating and Manipulating Resource Records; 30.5 Summary; Chapter 31: Getting Started with VB.NET and System.Directory Services; 31.1 The .NET Framework; 31.2 Using VB.NET; 31.3 Overview of System.DirectoryServices; 31.4 DirectoryEntry Basics; 31.5 Searching with DirectorySearcher; 31.6 Manipulating Objects; 31.7 Summary; Colophon;