Mastering Active Directory for Windows Server 2003 R2

Mastering Active Directory for Windows Server 2003 R2

2.8 (5 ratings by Goodreads)
By (author)  , By (author)  , By (author) 

Free delivery worldwide

Available. Dispatched from the UK in 4 business days
When will my order arrive?


Active Directory stores information about a network's users and directories, making it easier to configure, manage, and update a network. "Windows Server 2003 R2" will include a new scripting engine to make Active Directory administration quicker and easier, plus a Group Policy Management Console for managing group and user accounts. Geared to experienced system administrators, this book focuses on serious day-to-day needs and provides real-world solutions, including scripts that can be downloaded and implemented in any AD system.
show more

Product details

  • Paperback | 672 pages
  • 191 x 228 x 35mm | 954g
  • Sybex Inc.,U.S.
  • New York, United States
  • English
  • 1. Auflage
  • 0782144411
  • 9780782144413
  • 1,373,021

Back cover copy

In-Depth Coverage for High-Level Active Directory Administrators

If you're an Active Directory systems administrator, this comprehensive guide to the Windows Server 2003 R2 version of Active Directory offers you targeted solutions for the day-to-day requirements of managing a system. From improving your efficiency with ready-to-use scripts that can be downloaded from Sybex's web site, to a full range of automation solutions for managing the accounts of users and groups, this book delves into detail at the advanced level you need.

Practical and immediate, Mastering Active Directory for Windows Server 2003 R2 provides serious instruction for serious users, but also includes a refresher of the basics--a valuable resource you'll turn to again and again.

Coverage includes

Understanding schema, the building blocks of Active Directory Organizing the physical and logical aspects of Active Directory Finding out what's new in R2 that enhances Active Directory Examining Microsoft's latest UNIX integration in R2 Designing a rock solid Active Directory infrastructure Employing the new R2 scripting engine Managing groups, users, and computers Setting boundaries on policies, sites, and access Analyzing and prioritizing risk Troubleshooting at the highest level

All the ready-to-use scripts are available for download from the book's product page on

Leverage Real-World Solutions for Automating Management Tasks

Increase your Productivity with Five Full Chapters on Troubleshooting

Take Advantage of Ready-to-Use Scripts
show more

Table of contents

Introduction xxi

Part 1 Active Directory Design 1

Chapter 1 Active Directory Fundamentals 3

Do I Need Active Directory? 3

The Basics 4

What s New in R2? 9

Pre-Design Criteria 10

Coming Up Next 12

Chapter 2 Domain Name System Design 13

Tied Together 13

How to Resolve 14

Internal and External Name Options 21

Understanding the Current DNS Infrastructure 22

That Other DNS Server 23

Propagating the Changes 24

Protecting DNS 27

Keeping the System Accurate 33

Coming Up Next 37

Chapter 3 Active Directory Forest and Domain Design 39

Active Directory Forest Design Criteria 40

Multiple Forests: Pros and Cons 47

Forest Functionality Mode Features in Windows 2003 52

Active Directory Domain Design 55

Active Directory Domain Design Criteria 55

Multiple Domains: Pros and Cons 58

Coming Up Next 72

Chapter 4 Organizing the Physical and Logical Aspects of Active Directory 73

Determining the Site Topology 73

Understanding the Current Network Infrastructure 76

Setting Your Sites to Support the Active Directory Design 78

Designing Site Links and Site Link Bridges 81

Organizational Unit Design 84

Designing OUs for Group Policy 94

Coming Up Next 112

Chapter 5 Flexible Single Master Operations Design 113

What Are the FSMO Roles? 113

Choosing Flexible Single Master Operations Placement 117

Coming Up Next 120

Part 2 Active Directory Management 121

Chapter 6 Managing Accounts: User, Group, and Computer 123

Account Types 123

Utilities 147

Coming Up Next 173

Chapter 7 Managing Access with Active Directory Services 175

Active Directory Federation Services 176

Configuring Clients 196

Identity Management for Unix 198

Coming Up Next 219

Chapter 8 Maintaining Organizational Units 221

Organizational Units 221

User Rights and Permissions When Accessing Resources 227

Permissions 230

Delegation of Control 234

Auditing 239

Moving Objects in Active Directory 244

Coming Up Next 248

Chapter 9 Managing Group Policy 249

Group Policy Management Tools 249

Working with ADU&C or ADS&S 250

Group Policy Management Console (GPMC) 251

Administrative Templates 260

Group Policy Inheritance 261

Group Policy Storage 263

Group Policy Processing 264

Group Policy Troubleshooting 267

Practical Uses of Group Policy 269

Coming Up Next 274

Chapter 10 Managing Site Boundaries 275

Replication within Active Directory 275

Coming Up Next 293

Chapter 11 Managing the Flexible Single Master Operations Roles 295

Identifying the Role Holders 295

Maintaining the Role Holders 303

Coming Up Next 316

Chapter 12 Maintaining the Active Directory Database 317

The Active Directory Database 318

The Active Directory Schema 333

Modifying the Schema 335

Coming Up Next 336

Part 3 Troubleshooting Active Directory 337

Chapter 13 Microsoft s Troubleshooting Methodology for Active Directory 339

High-Level Methodology 339

Coming Up Next 351

Chapter 14 Troubleshooting Problems Related to Network Infrastructure 353

Components of Network Infrastructure 353

Name Resolution Methods 353

Methodologies of Network Troubleshooting 364

Coming Up Next 378

Chapter 15 Troubleshooting Problems Related to the Active Directory Database 379

Active Directory File 379

Troubleshooting Active Directory Replication 383

Replication Overview 383

Determining DNS Problems 383

Verifying Replication 386

Controlling Replication in Large Organizations 390

Best Practices for Troubleshooting AD Replication 391

Troubleshooting FSMO Roles 391

FSMO Roles and Their Importance 391

Transferring and Seizing FSMO Roles 395

Best Practices for Troubleshooting FSMO Roles 401

Troubleshooting Logon Failures 401

Auditing for Logon Problems 401

Native Mode Logon Problems 407

Account Lockout Problems 408

Remote Access Issues 412

Are You Being Attacked? 412
show more

About Brad Price

Brad Price, MCSE, MCT, is a technical trainer specializing in Active Directory and Exchange Server 2000 and 2003. He is the author of Active Directory Best Practices 24seven: Migrating, Designing, and Troubleshooting and MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide, both from Sybex. John Price, a Citrix Certified Administrator and Microsoft Certified Trainer, is a trainer and network engineer consultant specializing in Citrix enterprise implementations. Scott Fenstermacher is currently a network engineer for a top 200 software company. He has a degree in computer science and holds several certifications from Microsoft and other vendors, including MCSE, MCSD, and MCDBA.
show more

Rating details

5 ratings
2.8 out of 5 stars
5 20% (1)
4 0% (0)
3 40% (2)
2 20% (1)
1 20% (1)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X