Chapter 30. Using the Active Directory Service


SOME OF THE MAIN TOPICS IN THIS CHAPTER ARE

Early Directory Technologies 556

Objects and Attributes 562

What Is a Domain Tree? What Is a Forest? 564

The Active Directory and Dynamic DNS 567

Active Directory Service Interfaces (ADSI) 571

The Active Directory Schema 573

Finding Objects in the Active Directory 581

The Active Directory Service and Windows Server 2003 585

New Active Directory Features in Windows Server 2003 585

In Chapter 37, "Windows 2000 and Windows Server 2003 User and Computer Management Utilities," you will find a lengthy overview of using the Active Directory for basic functions, as the title of that chapter suggests. In this chapter you will learn more about how the Active Directory is structured, and how to manage the directory itself. The Active Directory, especially in Windows Server 2003, plays an important role in any Windows-based network.

If you have a heterogeneous network composed of Windows and other operating systems, see Part XI, "Migration and Integration," to learn how the Active Directory can be used in this type of network.


The Active Directory was introduced by Microsoft with Windows 2000. The Active Directory is an LDAP-based directory service that enables you to store information about user accounts, domains, and resource objects in the same place for easy management. And because LDAP (see Appendix D, "The Lightweight Directory Access Protocol") is a standard embraced by a large number of vendors, from Novell to Netscape, it is possible to enable networks that use different directory services to interact with each other. This can be an important factor when integrating two networks, or when migrating from one type of network to another.

The Active Directory can be installed on a Windows network when you migrate from Windows NT 4.0 to Windows 2000 Server, or Windows Server 2003. The examples in this chapter are based on Windows Server 2003, which incorporates many new features. However, the concepts are basically the same, though the windows and dialog boxes may look a little different if you are using an earlier version of Windows.

When you upgrade from Windows NT, domains become container units within the directory. Additionally, the nature of trust relationships between domains changes. There are many other subtle differences you will notice, but for the most part you will find it easier to manage network users and resources using the Microsoft Management Console (MMC) snap-ins to perform routine tasks. Other snap-ins can be installed in the MMC to allow you to perform more complicated functions, such as modifying the schema.

Note

You can create a small workgroup-style network using just about any supported version of Windows. If you want to maintain an environment where security and administrative tasks can be centralized and controlled, as in the previous Windows NT domain models, you'll have to use the Active Directory, or perhaps another directory service, such as the eDirectory from Novell.


The only information stored in the Windows NT 4.0 SAM (security accounts manager) database is user and computer accounts, along with some security information, such as trust relationships between domains. Information about printers, file shares, and other resources is scattered here and there in separate databases and is managed by separate utilities. Administering network resources using multiple utilities with disjointed interfaces can become quite a nightmare in a large network. This disjointed method of administration has created a situation in which many upgraded their networks to Windows NT 4.0, but also adopted Novell Directory Services on the same network. Adding NDS to a Windows NT 4.0 network can solve a lot of problems by giving you a single place to administer many kinds of resources. The Active Directory consolidates information from these different sources into a single database, and provides you with a simpler management interface.




Upgrading and Repairing Networks
Upgrading and Repairing Networks (5th Edition)
ISBN: 078973530X
EAN: 2147483647
Year: 2006
Pages: 411

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net