Glossary


A

account/discretionary access control list (A/DACL)
Resource access method that enters the account directly into the discretionary access control list of an object to either allow or deny access.
Account group
Term used to describe an Active Directory group object that is used to organize user accounts that have the same resource access requirements.
Account group/discretionary access control list (AG/DACL)
Resource access method that uses global groups and includes them in the discretionary access control list of the object to which the users need access.
Account group/Resource group (AG/ RG)
Resource access method that nests global groups within domain local or local groups in order to allow user accounts to have access to resources.
Account Lockout Duration setting
The setting used to determine the amount of time that an account will remain locked after a prespecified number of bad passwords has been attempted to log on to a user account. If set to 0, the account will remain locked out until an administrator unlocks the account.
account lockout restrictions
The settings that specify when an account should be locked when the password is entered incorrectly. These security measures protect from brute force or dictionary attacks.
Account Lockout Threshold setting
The setting used to set the number of failed logon attempts that are allowed before the account is locked out.
account OUs
Organizational units that are created to hold User, Group, and Computer accounts.
account policies
The password, lockout, and Kerberos policies. These policies can be applied at the domain level or on a stand-alone system.
Active Directory “integrated zones
DNS zones that have the resource record information stored in Active Directory. These require a DNS server that is also a DC. The DNS zone data is then replicated to other Active Directory “integrated DNS servers via Active Directory replication.
Active Directory Migration Tool (ADMT)
A utility that administrators can use to move accounts from one domain to another. This tool can be used to move accounts between Windows NT, Windows 2000, and Windows Server 2003 domains.
A/DACL
See account/discretionary access control list (A/DACL) .
ADMT
See Active Directory Migration Tool (ADMT) .
AG/DACL
See Account group/discretionary access control list (AG/DACL) .
AG/RG
See Account group/Resource group (AG/RG) .
alternate IP addressing
IP addressing option that allows an administrator to enter an IP address into a DHCP client that will be used whenever the DHCP client cannot obtain an IP address from a DHCP server. This IP address will be used instead of APIPA.
APIPA
See automatic private IP address (APIPA) .
attributes
Properties of an Active Directory object.
authoritative zone transfer (AXFR)
DNS zone transfer that sends the entire zone datafile to another DNS server in order to keep it updated.
automatic private IP address (APIPA)
An address that is automatically generated by a DHCP client when it is unable to obtain an IP address and it is not configured to use an alternate IP address.
automation tools
Tools that allow an administrator to remotely administer computers
autonomous model
This model lets you have control over resources so that administrators from outside of your domain, with the exceptions of the forest-level administrators, will not have any control over resources within your domain.
AXFR
See authoritative zone transfer (AXFR) .



MCSE
MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide (70-297)
ISBN: 0782143210
EAN: 2147483647
Year: 2004
Pages: 159
Authors: Brad Price, Sybex

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net