Microsoft Windows 2000 Active Directory Services

Microsoft Windows 2000 Active Directory Services

Hardcover(PACKAGE)

$68.36 $76.50 Save 11% Current price is $68.36, Original price is $76.5. You Save 11%.

Product Details

ISBN-13: 9780735610453
Publisher: Microsoft Press
Publication date: 12/01/2000
Edition description: PACKAGE
Pages: 912
Product dimensions: 7.42(w) x 9.08(h) x 1.92(d)

Read an Excerpt


Chapter 1: Securing Network Resources

About This Chapter

This chapter introduces you to Microsoft Windows 2000 file system (NTFS) folder and file permissions. You will learn how to assign NTFS folder and file permissions to user accounts and groups, and how moving or copying files and folders affects NTFS file and folder permissions. You will also learn how to troubleshoot common resource access problems.

Before You Begin

To complete the lessons in this chapter, you must have

  • Completed the Setup procedures located in "About This Book"

  • Completed the exercises and obtained the knowledge and skills covered in Chapter 7, "User Account Administration" and Chapter 8, "Group Account Administration"

  • Configured the computer as a domain controller in a domain

Lesson 1: Understanding NTFS Permissions

NTFS permissions are rules associated with objects that regulate which users can gain access to an object and in what manner. This lesson introduces standard NTFS folder and file permissions. It also explores the effects of combining user account and group permissions with file and folder permissions.


After this lesson, you will be able to

  • Define standard NTFS folder and file permissions

  • Describe the result when multiple NTFS permissions are applied to a resource

  • Describe the result when you combine user account and group permissions for a resource

Estimated lesson time: 10 minutes


NTFS Permissions

Use NTFS permissions to specify which users and groups can gain access to files and folders, and what they can do with the contents of the file or folder. NTFS permissions are only available on NTFS volumes. NTFS permissions are not available on volumes that are formatted with the file allocation table (FAT) or FAT32 file systems. NTFS security is effective whether a user gains access to the file or folder at the computer or over the network. The permissions you assign for folders are different from the permissions you assign for files.

NTFS Folder Permissions

You assign folder permissions to control the access that users have to folders and to the files and subfolders that are contained within the folder.

Table of Contents


ABOUT THIS BOOK xxi
    Intended Audience xxii
    Prerequisites xxii
    Reference Materials xxii
    Features of This Book xxiii
        Notes xxiii
        Conventions xxiii
    Chapter and Appendix Overview xxv
        Finding The Best Starting Point for You xxvii
    Where to Find Specific Skills in This Book xxvii
    Getting Started xxxi
        Hardware Requirements xxxi
        Setup Procedures xxxii
    The Microsoft Certified Professional Program xli
        Microsoft Certification Benefits xlii
        Requirements for Becoming a Microsoft Certified Professional xlv
        Technical Training for Computer Professionals xlvi
    Technical Support xlvii
CHAPTER 1  Introduction to Microsoft Windows 2000 1
        About This Chapter 1
        Before You Begin 1
    Lesson 1: Windows 2000 Overview 2
        Overview of Windows 2000 2
        Windows 2000 Network Environments 8
        Lesson Summary 11
    Lesson 2: Windows 2000 Architecture Overview 12
        Windows 2000 Layers, Subsystems, and Managers 12
        User Mode 12
        Environment Subsystems 13
        Kernel Mode 14
        Lesson Summary 16
     Lesson 3: Windows 2000 Directory Services Overview 17
        What Is a Directory Service? 17
        Why Have a Directory Service? 18
        Windows 2000 Directory Services 19
        Simplified Administration 19
        Scalability 19
        Open Standards Support 20
        Support for Standard Name Formats 21
        Active Directory in the Windows 2000 Architecture 21
        Active Directory Architecture 22
        Lesson Summary 24
    Lesson 4: Logging On to Windows 2000 25
        Logging On to a Domain 25
        Logging On to a Local Computer 26
        Windows 2000 Authentication Process 27
        Practice: Logging On to a Stand-Alone Server 28
        Lesson Summary 28
    Lesson 5: The Windows Security Dialog Box 29
        Using the Windows Security Dialog Box 29
        Practice: Using the Windows Security Dialog Box 30
        Lesson Summary 33
    Review 34
CHAPTER 2  Introduction to Active Directory 35
        About This Chapter 35
        Before You Begin 35
    Lesson 1: Active Directory Overview 36
        Active Directory Objects 36
        Active Directory Components 37
        Logical Structures 38
        Physical Structure 41
        Lesson Summary 43
    Lesson 2: Understanding Active Directory Concepts 44
        Global Catalog 44
        Replication 45
        Trust Relationships 48
        DNS Namespace 49
         Name Servers 53
        Naming Conventions 54
        Lesson Summary 56
    Review 57
CHAPTER 3  Active Directory Administration Tasks and Tools 59
        About This Chapter 59
        Before You Begin 59
    Lesson 1: Active Directory Administration Tasks 60
        Windows 2000 Active Directory Administration Tasks 60
        Lesson Summary 61
    Lesson 2: Active Directory Administrative Tools 62
        Active Directory Administrative Tools 62
        Other Active Directory Administrative Tools 63
        The Microsoft Management Console (MMC) 66
        Console Tree and Details Pane 69
        Snap-Ins 69
        Console Options 71
        Author Mode 71
        Lesson Summary 72
    Lesson 3: Using Microsoft Management Consoles 73
        Using Preconfigured MMCs 73
        Using Custom MMCs 73
        Using MMCs for Remote Administration 74
        Practice: Using Microsoft Management Console 74
        Lesson Summary 79
    Lesson 4: Using Task Scheduler 80
        Introduction to Task Scheduler 80
        Practice: Using Task Scheduler 81
        Lesson Summary 84
    Review 85
CHAPTER 4  Implementing Active Directory 87
        About This Chapter 87
        Before You Begin 87
    Lesson 1: Planning Active Directory Implementation 88
        Planning a Domain Structure 88
        Planning a Domain Namespace 92
         Planning an OU Structure 97
        Planning a Site Structure 100
        Lesson Summary 101
    Lesson 2: Installing Active Directory 103
        The Active Directory Installation Wizard 103
        Configuring DNS for Active Directory 104
        The Database and Shared System Volume 104
        Domain Modes 105
        Removing Active Directory Services from a Domain Controller 106
        Practice: Installing Active Directory 107
        Lesson Summary 110
    Lesson 3: Operations Master Roles 111
        Operations Master Roles 111
        Forest-Wide Operations Master Roles 111
        Domain-Wide Operations Master Roles 112
        Planning Operations Master Locations 113
        Identifying Operations Master Role Assignments 115
        Transferring Operations Master Role Assignments 116
        Responding to Operations Master Failures 118
        Lesson Summary 119
    Lesson 4: Implementing an Organizational Unit Structure 120
        Creating OUs 120
        Setting OU Properties 120
        Practice: Creating an OU 122
        Lesson Summary 123
    Review 124
CHAPTER 5  DNS and Active Directory Integration 125
        About This Chapter 125
        Before You Begin 125
    Lesson 1: Understanding DNS Name Resolution 126
        Name Resolution 126
        Forward Lookup Query 127
        Name Server Caching 128
        Reverse Lookup Query 129
        Lesson Summary 130
     Lesson 2: Understanding and Configuring Zones 131
        Zones 131
        Zone Planning 131
        Forward Lookup Zones 132
        Reverse Lookup Zones 134
        Resource Records 135
        Delegating Zones 136
        Configuring Dynamic DNS 138
        Practice: Configuring Zones 139
        Lesson Summary 142
    Lesson 3: Zone Replication and Transfer 143
        Zone Replication and Zone Transfers 143
        DNS Notification 146
        The DNS Notify Process 147
        Lesson Summary 148
    Lesson 4: Monitoring and Troubleshooting DNS for Active Directory 149
        Monitoring DNS Servers 149
        DNS Troubleshooting Scenarios 150
        Lesson Summary 152
    Review 153
CHAPTER 6  Configuring Sites 155
        About This Chapter 155
        Before You Begin 155
    Lesson 1: Configuring Site Settings 156
        Configuring Site Settings 156
        Sites 156
        Subnets 157
        Site Links 159
        Site Licensing 161
        Practice: Configuring a Site 162
        Lesson Summary 164
    Lesson 2: Configuring Inter-Site Replication 165
        Configuring Inter-Site Replication 165
        Site Link Attributes 165
        Site Link Bridges 168
         Manually Configuring Connections 169
        Designating a Preferred Bridgehead Server 171
        Practice: Configuring Inter-Site Replication 172
        Lesson Summary 173
    Lesson 3: Troubleshooting Replication 174
        Troubleshooting Replication 174
        Checking Replication Topology 175
        Lesson Summary 175
    Lesson 4: Maintaining Server Settings 176
        Maintaining Server Settings 176
        Creating a Server Object in a Site 176
        Moving Server Objects Between Sites 176
        Enabling or Disabling a Global Catalog 177
        Removing an Inoperative Server Object from a Site 177
        Lesson Summary 177
    Review 178
CHAPTER 7  User Account Administration 179
        About This Chapter 179
        Before You Begin 179
    Lesson 1: Introduction to User Accounts 180
        Local User Accounts 180
        Domain User Accounts 181
        Built-In User Accounts 182
        Lesson Summary 183
    Lesson 2: Planning New User Accounts 184
        Naming Conventions 184
        Password Requirements 185
        Account Options 186
        Practice: Planning New User Accounts 186
        Lesson Summary 189
    Lesson 3: Creating User Accounts 190
        Creating Local User Accounts 190
        Creating Domain User Accounts 191
        Practice: Creating Domain User Accounts 194
        User Account Properties 196
        Setting Personal Properties 197
         Setting Account Properties 197
        Setting Logon Hours 199
        Setting the Computers from Which Users Can Log On 200
        Configuring Dial-In Settings 201
        Practice: Modifying User Account Properties 202
        Lesson Summary 206
    Lesson 4: Creating User Profiles 207
        User Profiles 207
        Local User Profiles 210
        Roaming User Profiles 210
        Mandatory User Profiles 213
        Practice: Managing User Profiles 214
        Lesson Summary 219
    Lesson 5: Creating Home Directories 220
        Introducing Home Directories 220
        Creating Home Directories on a Server 220
        Lesson Summary 221
    Lesson 6: Maintaining User Accounts 222
        Disabling, Enabling, Renaming, and Deleting User Accounts 222
        Resetting Passwords and Unlocking User Accounts 223
        Resetting Passwords 223
        Unlocking User Accounts 224
        Practice: Administering User Accounts 224
        Lesson Summary 226
    Review 227
CHAPTER 8  Group Account Administration 229
        About This Chapter 229
        Before You Begin 229
    Lesson 1: Introduction to Groups 230
        Groups and Permissions 230
        Group Types 231
        Group Scopes 231
        Group Nesting 233
        Rules for Group Membership 233
        Local Groups 234
         Using Local Groups 234
        Lesson Summary 234
    Lesson 2: Planning a Group Strategy 236
        Planning Global and Domain Local Groups 236
        Using Universal Groups 237
        Practice: Planning New Group Accounts 238
        Lesson Summary 240
    Lesson 3: Creating Groups 241
        Creating and Deleting Groups 241
        Deleting a Group 242
        Adding Members to a Group 242
        Changing the Group Type 244
        Changing the Group Scope to Universal 244
        Creating Local Groups 245
        Practice: Creating Groups 247
        Lesson Summary 249
    Lesson 4: Understanding Default Groups 250
        Predefined Groups 250
        Built-In Groups 251
        Built-In Local Groups 252
        Special Identity Groups 253
        Lesson Summary 254
    Lesson 5: Groups for Administrators 255
        Why You Should Not Run Your Computer as an Administrator 255
        Administrators as Members of the Users and Power Users Groups 255
        Using Run As to Start a Program 256
        RUNAS Command 257
        RUNAS Examples 258
        Practice: Using Run As to Start a Program as an Administrator 259
        Lesson Summary 259
    Review 260

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews