Servers - Configuring Active Directory

Diy-Computer-Repair can help!

Configuring Active Directory a How to...

Open the Active Directory Users and Computers console located in the Administrative Tools from the Programs listing.

If you look at the hierarchy you can use the set up as is or you can customize it with your own hierarchy.  Create your base container and add the other containers underneath. Once you have decided on your hierarchy then the only thing left to do is to do it! You can name the parent container anything you like, you will be doing a lot of work in it.

If you have a small domain (less than 10 users) you can put your user id's in the user container (all the folders in the AD interface are called containers, they look like folders but are not). If you anticipate that you will have more users then create a new container for the domain. You can create containers for each of your departments, cities, or states under the parent container. Name and create your containers that fits your business logic, if you are only in one city then you might want the containers to be departmental. If you have locations in different cities but very few states then create your containers by the city then under that the departments, and so on.

Consider how your users will access the resources of the domain. Using Groups you can control each user id's access to the resource. You can create the container under your new domain container along with the computers, user(s), groups, and printers.

After setting up your container hierarchy you can work on the domain user id's. Unless you know how to set up a user id (it is a little different from a user ID on a standalone system) use the help function built into the AD Console. 

Note: You will want to insure that there are other user id's that have Administrator association, don't go overboard just users that you can trust with the security of your domain.

Next Groups, this is the meat of the security. You control who gets access to what resource through the Group function. You can set up each group by function, department, city, state, or what you think is appropriate. You use groups to set security on your resources. You wouldn't want a worker on the assembly line to have access to the a sensitive server or folder, but would want the a supervisor to have access to create reports.

Next you should think about creating containers for computers, printers, and servers (if you have more than two servers). This will simplify your administrative tasks. You can assign security to each Group then that security can be assigned to the objects in the container.

Note: When you join a computer to the domain it will reside in the Domain computers container. If you have a custom hierarchy with workstations and/or servers you will have to move the new computer name to one of these containers. A way around this is to create the computer name in the appropriate container  before joining it to the domain.

Sample: you have a department with fifteen users, of those three are supervisors. So you would create the container by department name, under that create two more containers. One for the supervisors and one for the workers. You put the three supervisors in the supervisor container and the workers in the worker container. Then you can assign rights to the supervisor Group to a folder on the server called reports. The workers will not have access to the folder called reports.

Sample: You have three servers and thirty workstations. You create a container called Servers and one called Workstations. You move the servers into the server container and the workstations into the workstation container. You have two Domain Administrators but only one that will work on Servers and both will work on workstations. You give the one administrator access to the server Group and workstation Group. The workstation Group you give access to both. Thus the administrator that has workstation access can not log on to the servers.

Sample: You have five printers. Four are for everyone's use but the super-duper color printer is very expensive to operate. How do you insure that only certain users can access the color printer? You create one container for the  printers. You give access to the color Group only to the users that require color printing. You give access to the other printer Group to all users.

This is a short guide not to be construed as a complete working of Active Directory.  If you need more help it is available with the help function. There are very comprehensive books available for a complete run down on how to use Active Directory.

As you can see a domain will allow you to control who uses what, who access a high value resource or confidential files.


Thank you for visiting my web site, and please come back again.

DIY Computer Repair has Computer parts at competitive prices

diy-computer-repair has external links for more information on repair and parts.

If you can't find it here, leave me a message and I will see if I can find it for you.


Return to previous page

Home Support   About owner   Site Map   Why I use SBI
Privacy Policy


SBI a better
way to
build
a web site!

Custom Search

Subscribe
to the
Fix It!
Newsletter

Email

First Name

Then

Don't worry --
Your e-mail
address is
totally secure.
I promise to
use it only
to send you
DIY-Computer-Repair Fix It.

xml-rss Add to My Yahoo!
Add to My MSN Add to Google AddThis Social Bookmark Button My StumbleUpon Page Computer Blogs - BlogCatalog Blog Directory

Page copy protected against web site content infringement by Copyscape


MORE INFORMATION
Servers Index Hardware considerations Configuration considerations RAID Configurations Teaming for NIC's Configuring DNS Configuring your IP Configuring WINS Configuring Domain Controller Configuring Active Directory Configuring DHCP IIS -Configuring a Internet Information Service Software and Applications Installation

Build a Server Guide