Administration Tools for Active Directory

Previous page
Table of content
Next page

Looking into some of the Active Directory administration tools can help to give you an idea of Active Directory, what data is in there, and what can be done programmatically.

The system administrator has a lot of tools to enter new data, update data, and configure Active Directory:

  • The Active Directory Users and Computers MMC snap-in is used to enter new users and update user data.

  • The Active Directory Sites and Services MMC snap-in is used to configure sites in a domain and replication between these sites.

  • The Active Directory Domains and Trusts MMC snap-in can be used to build up a trust relationship between domains in a tree.

  • ADSI Edit is the editor for Active Directory, where every object can be viewed and edited.

Tip 

To run these tools on Windows Vista or Windows XP, you need to install Windows Server 2003 Admin Pack. ADSI Edit is available with the Windows Server 2003 Support tools.

Active Directory Users and Computers

The Active Directory Users and Computers snap-in is the tool that system administrators use to manage users. Select Start image from book Programs image from book Administrative Tools image from book Active Directory Users and Computers to start this program (see Figure 42-4).

image from book
Figure 42-4

With this tool you can add new users, groups, contacts, organizational units, printers, shared folders, or computers, and modify existing ones. Figure 42-5 shows the attributes that can be entered for a user object: office, phone numbers, e-mail addresses, Web pages, organization information, addresses, groups, and so on.

image from book
Figure 42-5

Active Directory Users and Computers can also be used in big enterprises with millions of objects. It’s not necessary to look through a list with a thousand objects, because you can select a custom filter to display only some of the objects. You can also perform an LDAP query to search for the objects in the enterprise. You explore these possibilities later in this chapter.

ADSI Edit

ADSI Edit is the editor of Active Directory. This tool is not installed automatically; on the Windows Server 2003 CD, you can find a directory named Support Tools. When the support tools are installed, you can access ADSI Edit by invoking the program adsiedit.msc.

ADSI Edit offers greater control than the Active Directory Users and Computers tool (see Figure 42-6); with ADSI Edit everything can be configured, and you can also look at the schema and the configuration. This tool is not very intuitive to use, however, and it is very easy to enter wrong data.

image from book
Figure 42-6

By opening the properties window of an object, you can view and change every attribute of an object in Active Directory. With this tool, you can see mandatory and optional attributes, with their types and values (see Figure 42-7).

image from book
Figure 42-7



Previous page
Table of content
Next page
Professional C# 2005 with .NET 3.0
Professional C# 2005 with .NET 3.0
ISBN: 470124725
EAN: N/A
Year: 2007
Pages: 427
BUY ON AMAZON
Systematic Software Testing (Artech House Computer Library)
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
The Complete Cisco VPN Configuration Guide
Cultural Imperative: Global Trends in the 21st Century
DNS & BIND Cookbook
FileMaker 8 Functions and Scripts Desk Reference
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy