answersLogoWhite

Active Directory

Active Directory is a set of networking services made by Microsoft. Questions about using and configuring Active Directory belong here.

2,157 Questions
Windows Server 2003
Active Directory

Active directory will not function without what?

DNS

559560561
Windows XP
Active Directory

Your user account keeps locking you out of the domain?

Obviously this happens when your password attempts to log in fail. I have also seen this behavior with an automatic reconnection to a mapped network drive using a different account and the wrong password.

297298299
Windows Server 2003
Active Directory

How does Active Directory use DNS?

When you install Active Directory on a server, you promote the server to the role of a domain controller for a specified domain. When completing this process, you are prompted to specify a DNS domain name for the Active Directory domain for which you are joining and promoting the server.

If during this process, a DNS server authoritative for the domain that you specified either cannot be located on the network or does not support the DNS dynamic update protocol, you are prompted with the option to install a DNS server. This option is provided because a DNS server is required to locate this server or other domain controllers for members of an Active Directory domain.

Once you have installed Active Directory, you have two options for storing and replicating your zones when operating the DNS server at the new domain controller:

* Standard zone storage, using a text-based file.

Zones stored this way are located in .Dns files that are stored in the systemroot\System32\Dns folder on each computer operating a DNS server. Zone file names correspond to the name you choose for the zone when creating it, such as abc.com.dns if the zone name was "abc.com."

* Directory-integrated zone storage, using the Active Directory database.

Zones stored this way are located in the Active Directory tree under the domain or application directory partition. Each directory-integrated zone is stored in a dnsZone container object identified by the name you choose for the zone when creating it.

Benefits of Active Directory integration

For networks deploying DNS to support Active Directory, directory-integrated primary zones are strongly recommended and provide the following benefits:

* Multimaster update and enhanced security based on the capabilities of Active Directory.

In a standard zone storage model, DNS updates are conducted based upon a single-master update model. In this model, a single authoritative DNS server for a zone is designated as the primary source for the zone.

This server maintains the master copy of the zone in a local file. With this model, the primary server for the zone represents a single fixed point of failure. If this server is not available, update requests from DNS clients are not processed for the zone.

With directory-integrated storage, dynamic updates to DNS are conducted based upon a multimaster update model.

In this model, any authoritative DNS server, such as a domain controller running a DNS server, is designated as a primary source for the zone. Because the master copy of the zone is maintained in the Active Directory database, which is fully replicated to all domain controllers, the zone can be updated by the DNS servers operating at any domain controller for the domain.

With the multimaster update model of Active Directory, any of the primary servers for the directory-integrated zone can process requests from DNS clients to update the zone as long as a domain controller is available and reachable on the network.

Also, when using directory-integrated zones, you can use access control list (ACL) editing to secure a dnsZone object container in the directory tree. This feature provides granulated access to either the zone or a specified RR in the zone.

For example, an ACL for a zone RR can be restricted so that dynamic updates are only allowed for a specified client computer or a secure group such as a domain administrators group. This security feature is not available with standard primary zones.

Note that when you change the zone type to be directory-integrated, the default for updating the zone changes to allow only secure updates. Also, while you may use ACLs on DNS-related Active Directory objects, ACLs may only be applied to the DNS client service.

* Zones are replicated and synchronized to new domain controllers automatically whenever a new one is added to an Active Directory domain.

Although DNS service can be selectively removed from a domain controller, directory-integrated zones are already stored at each domain controller, so zone storage and management is not an additional resource. Also, the methods used to synchronize directory-stored information offer performance improvement over standard zone update methods, which can potentially require transfer of the entire zone.

* By integrating storage of your DNS zone databases in Active Directory, you can streamline database replication planning for your network.

When your DNS namespace and Active Directory domains are stored and replicated separately, you need to plan and potentially administer each separately. For example, when using standard DNS zone storage and Active Directory together, you would need to design, implement, test, and maintain two different database replication topologies. For example, one replication topology is needed for replicating directory data between domain controllers, and another topology would be needed for replicating zone databases between DNS servers.

This can create additional administrative complexity for planning and designing your network and allowing for its eventual growth. By integrating DNS storage, you unify storage management and replication issues for both DNS and Active Directory, merging and viewing them together as a single administrative entity.

* Directory replication is faster and more efficient than standard DNS replication.

Because Active Directory replication processing is performed on a per-property basis, only relevant changes are propagated. This allows less data to be used and submitted in updates for directory-stored zones.

283284285
Internet
Windows Server 2003
Active Directory

What main group type is found in Active Directory?

The main group type found in active directory is the security group.

275276277
Windows Server 2003
Active Directory

What is the database name of active directory?

Ntds.dit

255256257
Windows Server 2003
Active Directory

What happens if primary domain controller fails?

You wont be able to access the network resources/login properly to your account.

233234235
Windows Server 2003
Active Directory

How do you shutdown global catalog server?

I know the ans but i am not going to tell you guyz.

209210211
Domain Names
Windows Server 2003
Active Directory

What is domain namespace of www.pntc.com.kh?

.(root)

com.kh

pntc

for more info

http://technet.microsoft.com/en-us/library/cc958962.aspx

189190191
Active Directory

What is Group Scope?

Group scopes determine where in the Active Directory forest a

group is accessible and what objects can be placed into the group.

Windows Server 2003 includes three group scopes: global, domain

local, and universal.

166167168
Domain Names
Windows Server 2003
Active Directory

What is collusion domain?

A computer network can be segmented physically but also logically. A collision domain is one of the logical network segments in which the data packets can collide to each other. One of the most common protocols used when referring to a collision domain is the Ethernet protocol. Collision domains are often referred as 'Ethernet segments'.

The term of 'collision domain' is also used when describing the circumstances in which a single network device sends packets throughout a network segment and forces every other device in that network segment to pay attention to those packets.

179180181
Active Directory
Acronyms & Abbreviations
Medical Terminology

What does ou stand for?

Organizational Unit

173174175
Home Improvement
Arts and Crafts
Windows 7
Active Directory

How do you paint old galvanized window screen mesh?

Go to your hardware store and buy the canned spray paint that covers rust. If in doubt ask someone in the Hardware Store.

159160161
Windows Server 2003
Active Directory
Windows Server 2008

What is the Active Directory of Windows server?

ACTIVE DIRECTORY IS A CENTRALIZED DATABASE ...WHICH IS USED IN DOMAIN FOR ADMINISTRATIVE PURPOSES.. An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains. It is primarily used for online information and was originally created in 1996 and first used with Windows 2000.

An active directory (sometimes referred to as an AD) does a variety of functions including the ability to provide information on objects, helps organize these objects for easy retrieval and access, allows access by end users and administrators and allows the administrator to set security up for the directory. An active directory can be defined as a hierarchical structure and this structure is usually broken up into three main categories, the resources which might include hardware such as printers, services for end users such as web email servers and objects which are the main functions of the domain and network. It is interesting to note the framework for the objects. Remember that an object can be a piece of hardware such as a printer, end user or security settings set by the administrator. These objects can hold other objects within their file structure. All objects have an ID, usually an object name (folder name). In addition to these objects being able to hold other objects, every object has its own attributes which allows it to be characterized by the information which it contains. Most IT professionals call these setting or characterizations schemas. Depending on the type of schema created for a folder, will ultimately determine how these objects are used. For instance, some objects with certain schemas can not be deleted, they can only be deactivated. Others types of schemas with certain attributes can be deleted entirely. For instance, a user object can be deleted, but the administrator object can not be deleted. When understanding active directories, it is important to know the framework that objects can be viewed at. In fact, an active directory can be viewed at either one of three levels, these levels are called forests, trees or domains. The highest structure is called the forest because you can see all objects included within the active directory. Within the Forest structure are trees, these structures usually hold one or more domains, going further down the structure of an active directory are single domains. To put the forest, trees and domains into perspective, consider the following example. A large organization has many dozens of users and processes. The forest might be the entire network of end users and specific computers at a set location. Within this forest directory are now trees that hold information on specific objects such as domain controllers, program data, system, etc. Within these objects are even more objects which can then be controlled and categorized Active Directory in Windows Server 2003

The Active Directory is the one of the important part of Windows Server 2003 networking .First need to know and understand Active directory . How does it work? It makes information easy for the administrator and the users. You can use the Active Directory to design a organization's structure according to the requirement . If you are using the Active Directory then you can scale active directory from a single computer to a single network or to many networks. In active directory you can include every object server and domain in a network.

Logical Component

In the organization you set up in Windows Server 2003 and the organization you set up in Exchange Server 2003 are the same and the same is the case with Windows 2000 and Exchange 2000 as well. Now i am going to tell you it's advantage one user administrator manage all aspects of user configuration. These logical constructs which are described in the following subsections allow you to define and group resources so that they can be located and administered by the name rather than by physical location.

Objects

Object is the basic unit in the Active Directory. It is a apocarpous named set of features that represents something adjective such as a user , printer and the application. A user is also an object. In Exchange a user's features include its name and location , surrounded by other things.

Organization Unit

Organization Unit is a persona in which you can keep objects such as user accounts, groups, computer, printer . applications and other (OU). In organization unit you can assign specific permission to the user's. organization unit can also be used to create departmental limitation.

Domains

Domains is a group of computers and other resources that are part of a network and share a common directory database .Once a server has been installed , you can use the Active Directory Wizard to install Active Directory in order to install Active directory on the first server on the network , that server must have the access to a server running DNS (Domain Name Service). If you don't have install this service on your server then you will have to install this service during the Active Directory installation.. == == Active Directory in Windows Server 2003

The Active Directory is the one of the important part of Windows Server 2003 networking .First need to know and understand Active directory . How does it work? It makes information easy for the administrator and the users. You can use the Active Directory to design a organization's structure according to the requirement . If you are using the Active Directory then you can scale active directory from a single computer to a single network or to many networks. In active directory you can include every object server and domain in a network.

Logical Component

In the organization you set up in Windows Server 2003 and the organization you set up in Exchange Server 2003 are the same and the same is the case with Windows 2000 and Exchange 2000 as well. Now i am going to tell you it's advantage one user administrator manage all aspects of user configuration. These logical constructs which are described in the following subsections allow you to define and group resources so that they can be located and administered by the name rather than by physical location.

Objects

Object is the basic unit in the Active Directory. It is a apocarpous named set of features that represents something adjective such as a user , printer and the application. A user is also an object. In Exchange a user's features include its name and location , surrounded by other things.

Organization Unit

Organization Unit is a persona in which you can keep objects such as user accounts, groups, computer, printer . applications and other (OU). In organization unit you can assign specific permission to the user's. organization unit can also be used to create departmental limitation.

Domains

Domains is a group of computers and other resources that are part of a network and share a common directory database .Once a server has been installed , you can use the Active Directory Wizard to install Active Directory in order to install Active directory on the first server on the network , that server must have the access to a server running DNS (Domain Name Service). If you don't have install this service on your server then you will have to install this service during the Active Directory installation.. An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains. It is primarily used for online information and was originally created in 1996 and first used with Windows 2000.

An active directory (sometimes referred to as an AD) does a variety of functions including the ability to provide information on objects, helps organize these objects for easy retrieval and access, allows access by end users and administrators and allows the administrator to set security up for the directory. An active directory can be defined as a hierarchical structure and this structure is usually broken up into three main categories, the resources which might include hardware such as printers, services for end users such as web email servers and objects which are the main functions of the domain and network. It is interesting to note the framework for the objects. Remember that an object can be a piece of hardware such as a printer, end user or security settings set by the administrator. These objects can hold other objects within their file structure. All objects have an ID, usually an object name (folder name). In addition to these objects being able to hold other objects, every object has its own attributes which allows it to be characterized by the information which it contains. Most IT professionals call these setting or characterizations schemas. Depending on the type of schema created for a folder, will ultimately determine how these objects are used. For instance, some objects with certain schemas can not be deleted, they can only be deactivated. Others types of schemas with certain attributes can be deleted entirely. For instance, a user object can be deleted, but the administrator object can not be deleted. When understanding active directories, it is important to know the framework that objects can be viewed at. In fact, an active directory can be viewed at either one of three levels, these levels are called forests, trees or domains. The highest structure is called the forest because you can see all objects included within the active directory. Within the Forest structure are trees, these structures usually hold one or more domains, going further down the structure of an active directory are single domains. To put the forest, trees and domains into perspective, consider the following example. A large organization has many dozens of users and processes. The forest might be the entire network of end users and specific computers at a set location. Within this forest directory are now trees that hold information on specific objects such as domain controllers, program data, system, etc. Within these objects are even more objects which can then be controlled and categorized.
Microsoft Active Directory Domain Services are the foundation for distributed networks built on Windows 2000 Server, Windows Server 2003 and Microsoft Windows Server 2008 operating systems that use domain controllers.

155156157
Active Directory

What is a group scope and what are the different types of group scopes?

Group scopes determine where in the Active Directory forest a group is accessible and what objects can be placed into the group. Windows Server 2003 includes three group scopes: global, domain local, and universal.

â–  Global groups are used to gather users that have similar permissions requirements. Global groups have the following characteristics:

1. Global groups can contain user and computer accounts only from the domain in which the global group is created.

2. When the domain functional level is set to Windows 2000 native or Windows Server 2003 (i.e., the domain contains only Windows 2000 or 2003 servers), global groups can also contain other global groups from the local domain.

3. Global groups can be assigned permissions or be added to local groups in any domain in a forest.

â–  Domain local groups exist on domain controllers and are used to control access to resources located on domain controllers in the local domain (for member servers and workstations, you use local groups on those systems instead). Domain local groups share the following characteristics:

1. Domain local groups can contain users and global groups from any domain in a forest no matter what functional level is enabled.

2. When the domain functional level is set to Windows 2000 native or Windows Server 2003, domain local groups can also contain other domain local groups and universal groups.

â–  Universal groups are normally used to assign permissions to related resources in multiple domains. Universal groups share the following characteristics:

1. Universal groups are available only when the forest functional level is set to Windows 2000 native or Windows Server 2003.

2. Universal groups exist outside the boundaries of any particular domain and are managed by Global Catalog servers.

3. Universal groups are used to assign permissions to related resources in multiple domains.

4. Universal groups can contain users, global groups, and other universal groups from any domain in a forest.

5. You can grant permissions for a universal group to any resource in any domain

153154155
Windows XP
Active Directory

Are the SRV records of a child domain updated automatically during Active Directory installation?

After running DCPROMO, A text file containing the appropriate DNS resource records for the domain controller is created. The file called Netlogon.dns is created in the %systemroot%\System32\config folder and contains all the records needed to register the resource records of the domain controller.

Netlogon.dns is used by the Windows 2000 NetLogon service and to support Active Directory for non-Windows 2000 DNS servers.

If you are using a DNS server that supports the SRV resource record but does not support dynamic updates (such as a UNIX-based DNS server or a Windows NT Server 4.0 DNS server), you can import the records in Netlogon.dns into the appropriate primary zone file to manually configure the primary zone on that server to support Active Directory.

so if you are using w2k with dynamic update it will automatically create the SRV

155156157
Computer Networking
Windows Server 2003
Active Directory

Which protocol relies on DNS for name resolution?

DNS is Domain name system for short . Domain name system maps a name to an address. Protocol that relies upon DNS is TCP/IP .

tcpip protocol

99100101
Computer Terminology
Letters Notes and Memos
Windows Server 2003
Active Directory

What is meant by server in an organization?

Computer architecture is the structure and organization of a computer's hardware or software system. Software engineering is the technological and managerial discipline concerned with systematic production and maintenance of software products. Computer Architecture is the science and art of selecting and interconnecting hardware components to create computers that meet functional, performance and cost goals. Computer architecture is not about using computers to design buildings.

139140141
Active Directory

What is the command to restart Server Core?

To shut down a Windows 2008 Server Core System, at the command prompt type:

Shutdown -s -t xx

where

-s = shut down

-t xx = time to wait before shutting down in seconds, where xx =0 to 600

To shut down a Windows 2008 Server Core System immediately, at the command prompt type:

Shutdown -s -t 0

where 0 = wait zero seconds (shut down immediately)

To restart a Windows 2008 Server Core System, at the command prompt type:

Shutdown -r -t xx

where

-r = reboot

-t xx = time to wait before shutting down in seconds, where xx = 0 to 600

To restart a Windows 2008 Server Core System immediately, at the command prompt type:

Shutdown -r -t 0

where 0 = wait zero seconds (reboot immediately)

119120121
Computers
Windows XP
Active Directory
The Difference Between

How can you install XP Pro on two drives in such a way that upon startup you can choose between both systems?

Simply install the first XP pro, then install the second and it will create an automatic boot menu... if you want to know how to edit the boot menu check my answer on that problem here: If you have two hard disks one with XP as OS the other with WIN 2003 Server and WIN 2000 Server how do you set one to boot as the default

119120121
Mobile Phones
SMS and Texting
Windows Server 2003
Active Directory

Can you run sms server without active directory?

hello

113114115
Windows 7
Active Directory

What is Windows 7 loader?

<a href="http://windows7.iyogi.com/support/tips/windows-7-loader.html">windows 7 loader</a> is a program that will make a non-genuine copy of Windows 7 activated permanently. Windows 7 RTM Ultimate Activation with OEM Information

This activator works only for RTM ULTIMATE (Retail and OEM Edition)

It does NOT work on Ultimate 'E' (European) Edition.

Tested and working on both x86 and x64.

Works in Virtual Environment.

Works with dual-boot

No key is needed for install or activation.

The activation adds the OEM master key for you.

Select your OEM Information

No BIOS modification needed.

It has no boot text.

Uses OEM SLP method.

Supports SLIC and non-SLIC enabled BIOS:

Emulate a SLIC 2.1 enabled BIOS on a PC without SLIC 2.1 present...

Use 'Install 7Loader' to install the certificate & key to activate offline...

878889
Jobs
Active Directory
The Difference Between

Advantages and disadvantages of liberalisation?

advatages : 1. It have removed all trade barriers so imported goods are avaibale at cheap rates disadvantages 1. we misuse the liberty for our own means .

899091
Computer Networking
Local Area Network
Active Directory

What layer of the OSI reference model does a switch operate at?

OSI is a general model for networking given by ISO. OSI model has Seven Layer and each layer have certain functions and responsibilities. The switch can be a two layer switch that is a bridge and a three layer switch that is a router.

798081
Windows Server 2003
Active Directory

What is a read only domain controller Or RODC?

One of the new features receiving close attention in Windows 2008 is a new breed of domain controllers referred to as Read-Only Domain Controllers, also known as RODCs. The RODC hosts a copy of the Active Directory (AD) database like any other writable domain controller, but as its name implies, the contents replica of the domain database residing on the domain controller is read-only and write operations are not supported. It is equally important to mention that the RODCs do not participate in Active directory replication in the same fashion as writable domain controllers. The fundamental difference between RODC replication and the typical multimaster replication model between writable domain controllers is that RODCs replication is unidirectional. This means all changes from a writable domain controller are propagated to the RODCs. As a result, the RODC receives changes, but does not partake in or perform outbound replication with other domain controllers.

Read-only domain controllers (RODCs) in Active Directory, intended for use in branch office or other scenarios where a domain controller may reside in a low physical security environment. The RODC holds a non-writeable copy of Active Directory, and redirects all write attempts to a Full Domain Controller. It replicates all accounts except sensitive ones.In RODC mode, credentials are not cached by default. Moreover, only the replication partner of the RODC needs to run Windows Server 2008. Also, local administrators can log on to the machine to perform maintenance tasks without requiring administrative rights on the domain.

939495

Copyright © 2020 Multiply Media, LLC. All Rights Reserved. The material on this site can not be reproduced, distributed, transmitted, cached or otherwise used, except with prior written permission of Multiply.