Mastering Active Directory for Windows Server 2003 R2


  • Active Directory stores information about a network's users and directories, making it easier to configure, manage, and update a network
  • Windows Server 2003 R2 will include a new scripting engine to make Active Directory administration quicker and easier, plus a Group Policy Management Console for managing group and user accounts
  • Geared to experienced system administrators, this book focuses on serious day-to-day needs and provides real-world ...
See more details below
Other sellers (Paperback)
  • All (17) from $1.99   
  • New (6) from $31.35   
  • Used (11) from $1.99   
Sending request ...


  • Active Directory stores information about a network's users and directories, making it easier to configure, manage, and update a network
  • Windows Server 2003 R2 will include a new scripting engine to make Active Directory administration quicker and easier, plus a Group Policy Management Console for managing group and user accounts
  • Geared to experienced system administrators, this book focuses on serious day-to-day needs and provides real-world solutions, including scripts that can be downloaded and implemented in any AD system
Read More Show Less

Product Details

  • ISBN-13: 9780782144413
  • Publisher: Wiley
  • Publication date: 1/4/2006
  • Series: Mastering Series
  • Edition number: 1
  • Pages: 672
  • Product dimensions: 9.25 (w) x 7.50 (h) x 1.42 (d)

Meet the Author

Brad Price, MCSE, MCT, is a technical trainer specializing in Active Directory and Exchange Server 2000 and 2003. He is the author of Active Directory Best Practices 24seven: Migrating, Designing, and Troubleshooting and MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide, both from Sybex. John Price, a Citrix Certified Administrator and Microsoft Certified Trainer, is a trainer and network engineer consultant specializing in Citrix enterprise implementations. Scott Fenstermacher is currently a network engineer for a top 200 software company. He has a degree in computer science and holds several certifications from Microsoft and other vendors, including MCSE, MCSD, and MCDBA.

Read More Show Less

Table of Contents

Introduction xxi
Part 1 Active Directory Design 1
Chapter 1 Active Directory Fundamentals 3
Do I Need Active Directory? 3
The Basics 4
What's New in R2? 9
Pre-Design Criteria 10
Coming Up Next 12
Chapter 2 Domain Name System Design 13
Tied Together 13
How to Resolve 14
Internal and External Name Options 21
Understanding the Current DNS Infrastructure 22
That Other DNS Server 23
Propagating the Changes 24
Protecting DNS 27
Keeping the System Accurate 33
Coming Up Next 37
Chapter 3 Active Directory Forest and Domain Design 39
Active Directory Forest Design Criteria 40
Multiple Forests: Pros and Cons 47
Forest Functionality Mode Features in Windows 2003 52
Active Directory Domain Design 55
Active Directory Domain Design Criteria 55
Multiple Domains: Pros and Cons 58
Coming Up Next 72
Chapter 4 Organizing the Physical and Logical Aspects of Active Directory 73
Determining the Site Topology 73
Understanding the Current Network Infrastructure 76
Setting Your Sites to Support the Active Directory Design 78
Designing Site Links and Site Link Bridges 81
Organizational Unit Design 84
Designing OUs for Group Policy 94
Coming Up Next 112
Chapter 5 Flexible Single Master Operations Design 113
What Are the FSMO Roles? 113
Choosing Flexible Single Master Operations Placement 117
Coming Up Next 120
Part 2 Active Directory Management 121
Chapter 6 Managing Accounts: User, Group, and Computer 123
Account Types 123
Utilities 147
Coming Up Next 173
Chapter 7 Managing Access with Active Directory Services 175
Active Directory Federation Services 176
Configuring Clients 196
Identity Management for Unix 198
Coming Up Next 219
Chapter 8 Maintaining Organizational Units 221
Organizational Units 221
User Rights and Permissions When Accessing Resources 227
Permissions 230
Delegation of Control 234
Auditing 239
Moving Objects in Active Directory 244
Coming Up Next 248
Chapter 9 Managing Group Policy 249
Group Policy Management Tools 249
Working with ADU&C or ADS&S 250
Group Policy Management Console (GPMC) 251
Administrative Templates 260
Group Policy Inheritance 261
Group Policy Storage 263
Group Policy Processing 264
Group Policy Troubleshooting 267
Practical Uses of Group Policy 269
Coming Up Next 274
Chapter 10 Managing Site Boundaries 275
Replication within Active Directory 275
Coming Up Next 293
Chapter 11 Managing the Flexible Single Master Operations Roles 295
Identifying the Role Holders 295
Maintaining the Role Holders 303
Coming Up Next 316
Chapter 12 Maintaining the Active Directory Database 317
The Active Directory Database 318
The Active Directory Schema 333
Modifying the Schema 335
Coming Up Next 336
Part 3 Troubleshooting Active Directory 337
Chapter 13 Microsoft's Troubleshooting Methodology for Active Directory 339
High-Level Methodology 339
Coming Up Next 351
Chapter 14 Troubleshooting Problems Related to Network Infrastructure 353
Components of Network Infrastructure 353
Name Resolution Methods 353
Methodologies of Network Troubleshooting 364
Coming Up Next 378
Chapter 15 Troubleshooting Problems Related to the Active Directory Database 379
Active Directory File 379
Troubleshooting Active Directory Replication 383
Replication Overview 383
Determining DNS Problems 383
Verifying Replication 386
Controlling Replication in Large Organizations 390
Best Practices for Troubleshooting AD Replication 391
Troubleshooting FSMO Roles 391
FSMO Roles and Their Importance 391
Transferring and Seizing FSMO Roles 395
Best Practices for Troubleshooting FSMO Roles 401
Troubleshooting Logon Failures 401
Auditing for Logon Problems 401
Native Mode Logon Problems 407
Account Lockout Problems 408
Remote Access Issues 412
Are You Being Attacked? 412
Controlling WAN Communication 412
Best Practices for Logon and Account Lockout Troubleshooting 413
Coming Up Next 413
Chapter 16 Troubleshooting Active Directory with Microsoft Operations Manager 415
About Microsoft Operations Manager 415
Management Packs 431
Coming Up Next 447
Part 4 Streamlining Management with Scripts 449
Chapter 17 ADSI Primer 451
What Is ADSI? 451
Active Directory Objects 454
Common Active Directory Objects 460
The Basic ADSI Pattern 467
Chapter 18 Active Directory Scripts 511
Windows Script File Basics 511
VBScript Class Basics 512
RootDSE Scripts 516
Domain Scripts 520
Active Directory Query Scripts 525
User Scripts 531
Group Scripts 548
Computer Scripts 557
Organizational Unit Scripts 562
Excel Scripts 567
Coming Up Next 580
Chapter 19 Monitoring Active Directory 581
OutputClass 581
Windows Management Instrumentation (WMI) 583
WMIClass 591
CPU Overload 595
RegistryClass 597
AD Database and Log File Free Space 603
Active Directory Essential Services 605
Active Directory Response Time 606
Global Catalog Server Response 608
Lost and Found Object Count 611
PingClass 612
Operation master Response 614
Monitor Trust Relationships 617
Index 619
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)