CREATING THE LOGICAL DESIGN FOR AN ACTIVE DIRECTORY INFRASTRUCTURE

  1. The administrative model deployed by a company will affect the Active Directory design. There are two main administrative models, centralized administration and decentralized administration.

  2. The model for administration that is chosen determines the organization of the Active Directory structure. There are four models: functional, geographical, organizational, and hybrid.

  3. Multiple forests might be required if a company requires separate schemas. To update the schema, you must be a member of the Schema Admins group.

  4. Security policies are applied at the domain level. If multiple security policies are required, multiple domains must be created. Only one security policy can exist within a domain.

  5. Multiple trees can be created if a business needs to maintain more than one namespace.

  6. Organizational units are created within a domain to logically group objects for administrative purposes; more specifically, for applying Group Policy Objects (GPOs) and delegating authority.

  7. Delegation is the process of decentralizing network administration by assigning some of the administrative duties to other individuals or groups within the business. This is another reason for creating organizational units.

  8. GPOs can be applied locally or at the site, domain, and OU level. GPOs are applied in the following order: local, site, domain, OU.

  9. Filtering is a feature that allows an administrator to exclude certain groups from being affected by a group policy by limiting the scope of the policy. By removing the Apply Group Policy permission for a user or group, that entity can be made exempt from the policy settings.

  10. Using a feature called block policy inheritance, the inheritance of a GPO can be modified so that it is not passed on from parent container to child container. Any policy applied at the site, domain, or OU level can be blocked.

  11. The No Override option means exactly that. If the option is set, any group policies linked to a parent container will be applied to the child containers, regardless of whether the Block Policy Inheritance option is set.

  12. Windows Server 2003 supports four different types of security groups: local, domain local, global, and universal groups.

  13. Windows Server 2003 supports Kerberos, public key infrastructure, and smart cards for authentication.

  14. Migration paths to Windows Server 2003 include an in-place upgrade, domain restructuring, and a new Active Directory environment.

  15. An Active Directory site is basically a collection of well-connected IP subnets. The links between the subnets within a site are generally fast, reliable, and capable of supporting replication.

  16. The properties of a site link are transport, schedule, cost, and interval.

  17. RPC over IP or SMTP can be used to replicate information between sites. The schedule determines the time and day that a site link can be used for replication.

  18. SMTP is recommended for slow, unreliable WAN connections. SMTP ignores all schedules configured for a site link.



MCSE Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure Exam Cram 2 (Exam Cram 70-297)
ISBN: 0789730154
EAN: 2147483647
Year: 2003
Pages: 152
