Documente Academic
Documente Profesional
Documente Cultură
Content
Creating and Managing Organizational Units Delegating Administrative Control for Organizational Units Planning an Organizational Unit Strategy
Removing an OU
Procedure Dsrm Organizational Unit DN d Domain u UserName p Password
Content
Introduction to Accounts Creating and Managing Multiple Accounts Implementing User Principal Name Suffixes Moving Objects in Active Directory Planning a User, Group and Computer Account Strategy Planning an Active Directory Audit Strategy
ADVANTAGE PRO Chennais Premier Networking Training Center
Types of Accounts
User accounts
Enables a single sign-on for a user Provides access to resources
Computer Accounts
Enables authentication and auditing of computer access to
resources
Group Accounts
Helps simplify administration
ADVANTAGE PRO Chennais Premier Networking Training Center
Types of Groups
Distribution Groups -- Used only with e-mail application -- Not Security-enabled Security Groups -- Used to assign rights and permission to groups of users and computers -- Used most effectively when nested
Types of Groups
GROUP SCOPE
NESTED GROUP
CREATING GROUPS
MODIFYING GROUP
are located in the same domain in which you create the domain local group
You can add all global groups that must share the same
Global Groups
A global group is a security or distribution group that can contain users, groups and computers as members from its own domain. You can grant rights and permissions to global security groups for resources in any domain in the forest.
Global Groups
When to use:
Global groups are visible throughout the forest, do not create
Universal Groups
A universal group is a security or distribution group that can contain users, groups, and computers as members from any domain in its forest. Universal security groups can be granted rights and permissions on resources in any domain in the forest.
Universal Groups
When to use:
Use universal groups when you want to nest global groups. You can assign permissions to related resources in multiple
domains.
A Windows server 2003 domain must be in Windows 2000
native mode or Windows server 2003 mode to use universal security groups
You can use in Windows 2003 domain that is in Windows
file, also known as a comma-sperated value format (Cdvde format) as input to create multiple accounts in Active Directory.
Use Csvde format to add user objects and other types of
formatted.
Dn,objectClass,SAMaccountName,userPrinicipalName, displayName,userAccountControl
ADVANTAGE PRO Chennais Premier Networking Training Center
Set the new value of the property-for example, the room number of an employee who has moved to a new office
objUser.Putphysical Delivery Office Name,Room 4358
ADVANTAGE PRO Chennais Premier Networking Training Center
Save the file with the extension .vbs Execute the command in command prompt
wscript.exe filename
SID
Is a list of all SIDs that were assigned to a user account Provides migrated user account with continuity of access to resources
Within a Forest
New SID SID History Same GUID
Across Forests
New SID SID History New GUID