Glossary

An entry within an access control list (ACL) that grants or denies permissions to users or groups for a given resource.

A list that contains a set of access control entries that define an object's permission settings. ACLs enable administrators to explicitly control access to resources.

See access control entry (ACE).

See access control list (ACL).

The Microsoft Windows Server directory service that forms the basis for centralized network management on Windows 2000 Server and later networks, providing a hierarchical view of network resources.

A utility that allows you to merge two Active Directory users, or a user and a contact. This is useful if after a migration you have duplicate accounts and each account contains information that needs to be saved.

The Microsoft Exchange Server 2003 service that allows for the replication of information between Active Directory and a Microsoft Exchange Server 5.5 directory.

A utility that allows you to migrate Active Directory user accounts and mailboxes from one domain to another, across Microsoft Exchange Server organizations.

A directory service model implemented as a set of COM interfaces. ADSI allows Microsoft Windows applications to access Active Directory, often through Microsoft ActiveX interfaces such as VBScript.

The primary systems administrator utility for managing users, groups, and computers in a Microsoft Windows 2000 Server and later domain, implemented as a Microsoft Management Console (MMC) snap-in.

See Active Directory Connector (ADC).

A Microsoft Exchange Server 2003 set of tools that provides a wizard interface for going step-by-step through the deployment of the Active Directory Connector.

A list used to organize the Global Address List (GAL) into smaller, more manageable groupings. Address lists in Microsoft Exchange Server 2003 are formed through administrator-defined Lightweight Directory Access Protocol (LDAP) queries.

The most basic type of resource record on a Domain Name System (DNS) server. Every client that registers with DNS has an associated A record that maps its name to its Internet Protocol (IP) address.

The part of an address that specifies the system that will receive a message. It is a subset of a complete address—for example, in the e-mail address willis@contoso.com, @contoso.com is the address space.

A Microsoft Exchange Server 2003 organizational concept that defines the administrative topology for an organization. Administrative groups can be used to limit the scope of administration to a specific grouping of Exchange Server 2003 servers, rather than the entire organization.

These rights control the users and groups that can use Exchange System Manager, a custom Microsoft Management Console (MMC) console, or any other administrative utility to change the replication, storage limits, and other settings for a public folder.

Microsoft Exchange Server 2003 supports three administrative roles that can be delegated using Exchange System Manager: Exchange Full Administrator, which can manage anything in the organization, including permissions; Exchange Administrator, which can manage everything in the organization except permissions; and Exchange View Only Administrator, which has read-only administrative access to the Exchange organization.

See Active Directory Service Interfaces (ADSI).

You configure an alert to warn you if the value in a Performance counter exceeds or drops below a defined level. An alert writes an event to the application log in Event Viewer and can also send a message to a specified user, start a performance log, and run an executable file.

A standard set of codes used worldwide, where each letter of the English language is represented by a code. The ASCII standard allows disparate e-mail systems to exchange messages with each other in a format that can be read anywhere. ASCII is commonly referred to as "plain text."

See American Standard Code for Information Interchange (ASCII).

The basic unit of an object, an attribute is a single property that through its values defines an object. For example, an attribute of a standard user account is the account name.

A security process that tracks the use of selected network resources, typically storing the results in a log file.

The process by which a user's logon credentials are validated by a server so that access to a network resource can be granted or denied.