How To Install Windows 2003 Active Directory

For those of you new to the idea of a Directory in network terms, you can think of it as a telephone directory, with each entry being a network object, such as a user, a printer or a network share, rather than a piece of contact information. This information can be structured into logical containers, called Organisational Units (OUs), allowing for a more manageable environment when dealing with large numbers of users and other objects. The directory can be replicated across multiple servers, allowing redundancy and a distributed structure to be built into the network design. Like its paper-based namesake, the directory can be searched quickly and easily, though far faster than turning the pages of a book. This logical structure also allows IT departments to apply policies to groups of users or computers based upon the needs of the business.

Windows 2003 Active Directory

Clearly, in order for Microsoft to gain global dominance in the server field, they had to rework the server platform, and make it scalable, reliable and resilient from the ground up, and without completely reinventing the wheel. Thus Active Directory was born.

Learning the basics

Before we begin, let’s quickly cover the basics of Active Directory. Any Active Directory installation goes hand in hand with a correctly set up DNS server running on your network. The reliance on DNS is apparent in Windows 2000, and it’s almost impossible to run a Windows 2000 network without it being underpinned by DNS. This is very different from the old NT networks, which could do without it, or would most likely use WINS, a Microsoft ‘alternative’ to DNS offered at the time. Such is the reliance on DNS that it should be the first port of call when fault-finding any issues with AD or its replication.

Active Directory itself is made up of three ‘logical’ partitions, these being ‘Domain’, ‘Configuration’ and ‘Schema’. Within the file system these are stored in the NTDS.DIT file on every domain controller. The Domain partition stores information relating to the domain, while the Configuration partition holds information relating to the forest structure. Finally, the Schema holds the definitions of objects within the network. These can roughly be associated, in order, with the following tools: Active Directory Users and Computers, Active Directory Sites and Services, and ADSIEdit.

Is there a spin doctor in the house?

You’re not going to be bowled over by swathes of new features in Active Directory 2003; the most visible new features are to be found in the management tools which, as part of the Admin Pak, can be installed on a Windows XP machine and will work quite happily with Windows 2000. One of the most useful features of the new AD tools, for the general IT person, is the ability to create and store queries in Active Directory Users and Computers. You can now create queries to display users, computers, or any other object you can think of, based on pretty much any attribute you can think of. Microsoft have wisely included some predefined criteria for performing the most common searches, which include: Disabled Accounts, Accounts not logged for xx days, Username (which can be the usual starts with, ends with, or contains etc.), Description, and Expired Passwords. These queries alone should be able to help most IT folk, but the list of objects and attributes is endless.
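The predefined criteria above map onto ordinary LDAP filters, which is useful to know when auditing for disabled or stale accounts outside the GUI. The following Python is an added example, not from the original article and not the exact strings the tool stores; the function names are hypothetical and the attribute choices (`userAccountControl`, `lastLogonTimestamp`, `sAMAccountName`) are assumptions about how to express each criterion.

```python
from datetime import datetime, timedelta, timezone

# Constructed helpers: these approximate the saved-query criteria, they are
# not the strings Active Directory Users and Computers stores internally.
USERS = "(objectCategory=person)(objectClass=user)"
BIT_AND = "1.2.840.113556.1.4.803"  # LDAP_MATCHING_RULE_BIT_AND
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def escape_filter_value(value):
    """Escape a literal per RFC 4515 so typed-in text cannot change the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def to_filetime(moment):
    """Aware datetime -> 100-nanosecond intervals since 1601-01-01 UTC."""
    delta = moment - FILETIME_EPOCH
    return (delta.days * 86400 + delta.seconds) * 10_000_000 + delta.microseconds * 10


def disabled_accounts():
    # Bit 0x2 of userAccountControl is ACCOUNTDISABLE.
    return "(&%s(userAccountControl:%s:=2))" % (USERS, BIT_AND)


def not_logged_on_for(days, now):
    # lastLogonTimestamp needs the Windows Server 2003 domain functional level
    # and is replicated only coarsely (about 9-14 days by default), so small
    # values of `days` are approximate. Accounts that have never logged on
    # have no value at all, so they are matched explicitly.
    cutoff = to_filetime(now - timedelta(days=days))
    return ("(&%s(|(lastLogonTimestamp<=%d)(!(lastLogonTimestamp=*))))"
            % (USERS, cutoff))


def username(text, mode="starts"):
    # The wildcard is added after escaping, so a '*' typed by the operator
    # is matched literally instead of widening the search.
    v = escape_filter_value(text)
    pattern = {"starts": v + "*", "ends": "*" + v,
               "contains": "*" + v + "*", "is": v}[mode]
    return "(&%s(sAMAccountName=%s))" % (USERS, pattern)


if __name__ == "__main__":
    now = datetime(2004, 1, 1, tzinfo=timezone.utc)  # constructed sample date
    for f in (disabled_accounts(), not_logged_on_for(30, now),
              username("svc_", "starts")):
        print(f)
```

Each string can be pasted into a custom search in the saved-query dialog or passed to any LDAP client as the search filter.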

