Active Directory

From Leo's Notes
Last edited on 4 December 2012, at 07:59.

OU - organizational unit

     - discrete units, users don't see this most of the time.

- group policies

CN - common name

AD - a database file named NTDS.dit

- centralized. ability to centrally administer computers


forest root

- domain controller (has a CN)
   - organizational units
       - users?
  

forest functional level (FFL) - later servers have more features

domain functional level (DFL)

built-in accounts are only for domain controllers

- other computers will still have their own accounts of the same types.

Users are accounts which are visible/available for the entire domain

FSMO - flexible single master operations, a.k.a. operations masters

- 5 operations:
Domain Roles:
   1. PDC Emulator - Emulates an NT4 PDC. Syncs clocks. Password changes/locks and GPO changes are made on this DC
   2. RID - Relative ID Master. Serves pools of unused RIDs
   3. Infrastructure - cross-domain objects are handled/transferred
Forest Roles:
   4. Domain Naming - Ensures no domains have same names
   5. Schema
If you seize Schema, Domain Naming, or RID... don't bring the old role holders back online.
Placement: PDC + RID together. Domain Naming + Schema together. Infrastructure NEVER with Global Catalog
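
Added example (not part of the original notes): a PowerShell check of the role pairings listed above, run against constructed text in the layout that netdom query fsmo prints. The function name Test-FsmoPlacement, the host names and the global catalog list are assumptions made for the example.

```powershell
# Added example. Sample text is constructed, in the layout `netdom query fsmo` prints.
$sampleFsmo = @'
Schema master               dc01.corp.example.com
Domain naming master        dc01.corp.example.com
PDC                         dc02.corp.example.com
RID pool manager            dc03.corp.example.com
Infrastructure master       dc01.corp.example.com
The command completed successfully.
'@
# Constructed list of global catalog servers (assumption: supplied by the admin).
$sampleGCs = @('dc01.corp.example.com')

function Test-FsmoPlacement {   # hypothetical helper name
    param(
        [Parameter(Mandatory=$true)] [string]   $NetdomOutput,
        [Parameter(Mandatory=$true)] [string[]] $GlobalCatalogs
    )
    # Labels printed by netdom, mapped to short role names.
    $labels = @{
        'Schema master'         = 'Schema'
        'Domain naming master'  = 'DomainNaming'
        'PDC'                   = 'PDC'
        'RID pool manager'      = 'RID'
        'Infrastructure master' = 'Infrastructure'
    }
    $holder = @{}
    foreach ($line in ($NetdomOutput -split "`r?`n")) {
        foreach ($label in $labels.Keys) {
            # Label, two or more spaces, then the host name holding the role.
            $pattern = '^\s*' + [regex]::Escape($label) + '\s{2,}(\S+)\s*$'
            if ($line -match $pattern) { $holder[$labels[$label]] = $Matches[1] }
        }
    }
    $missing = @($labels.Values | Where-Object { -not $holder.ContainsKey($_) })
    if ($missing.Count -gt 0) { throw "Roles not found in input: $($missing -join ', ')" }

    # The three rules from the notes; -ne and -contains ignore case.
    if ($holder['PDC'] -ne $holder['RID']) {
        "PDC Emulator ($($holder['PDC'])) and RID Master ($($holder['RID'])) are on different DCs"
    }
    if ($holder['DomainNaming'] -ne $holder['Schema']) {
        "Domain Naming ($($holder['DomainNaming'])) and Schema ($($holder['Schema'])) are on different DCs"
    }
    if ($GlobalCatalogs -contains $holder['Infrastructure']) {
        "Infrastructure Master ($($holder['Infrastructure'])) is on a Global Catalog server"
    }
}

Test-FsmoPlacement -NetdomOutput $sampleFsmo -GlobalCatalogs $sampleGCs
```

On a domain controller the live text can be passed in as (netdom query fsmo | Out-String).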


adsiedit

 precedence = z-score of the PSO. lowest first


multiple forest roots = a forest

global catalog - like an index inside the forest


oobe.exe - out of the box experience

dcpromo - starts domain controller install

dcpromo /unattend:<answerfile.txt>   for unattended installs

set - shows all variables set in the user environment

netdom query fsmo - shows the FSMO roles in the DC

netsh interface ipv4 show interfaces - shows network interfaces

netsh interface ipv4 set address name=2 source=static|dhcp address=10... mask=... gateway=...

netsh interface ipv4 add dnsserver name=? address=...

netdom renamecomputer %computername% /newname:... /userd:administrator@dc /passwordd:... /reboot:0


change DC name

netdom computername %computername% /add:newserver01.windows.home.steamr.com

netdom computername %computername% /makeprimary:newserver01....

<reboot>

netdom computername %computername% /remove:server01.windows.home.steamr.com

netdom join $compname /domain:... /userd