Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Information about Domain Controller 2003


  • Please log in to reply

#1
Mobi

Mobi

    Member

  • Member
  • PipPip
  • 52 posts
Hi guyz,

I wanted to know about the Domain controller I mean what are sites, forest etc. More over I see in the administrative tools different things like Active Directory Site and Services, Active Directory Domain and trust, Domain Controller Security Policy, Domain Security Policy, clusters.

I have worked with group policy on domain controller for disabling USB drives and some other registry key auditing through Domain controller but I am not satisfied with that and also I do not want to go into theory things. Can you provide me any good reading like case study which will clear my concepts about all these things?? In fact I have configured one DC myself for testing purpose but I was just doing hit and trial and similarly I completed the installation of the DNS for that Domain Controller. But I am not satisfied and neither my mind is clear about these things so please suggest
  • 0

Advertisements


#2
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
....yeah....that's a ridiculously complex topic and is going to be virtually impossible to answer here....i'd go to the book store and look for some books about active directory and domain management....it's really hard to pin down specifics with such a broad question

some basics:

Domain: a Domain is basically a container for objects in a client/server style network.

Object: an object is any network resource in a domain structure (computer, server, user, etc..)

Forest: is a top level collection of related Domains in a given network structure i.e. if your company was ABC Corp and it had 4 divisions under it's control (ABC Widgets, ABC Whatsits, ABC Thingamabobs, and ABC toothbrushes) the forest would be something like ABC.com then you would have domains within that forest called ABCWidgets.ABC.com, ABCWhatsits.ABC.com, ABCThingamabobs.ABC.com and ABCToothbrushes.ABC.com)...a forest structure allows you to have separate domains for separate companies/organizations while still maintaining enterprise control at the root of the forest

Site: a site is exactly what it means...it's a representation of a physical location for a particular domain/forest. in a forest each site would represent the location of each child domain in the forest. in a domain each site is basically the domain controler



group policy is only as strong as the person writing it...you can do A LOT of great things if you know what you're doing...also the usb blocking in 2003 is dismal at best...2008 is supposed to be much more robust
  • 0

#3
Mobi

Mobi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Thanks for providing such brief but clear definitions. So should I have to start reading a book?? Ti get more detail knowledge??

One more thing can I you let me know form where I can see and compare the 2003 and 2008, What enhancement are there in 2008 specially with regard to security?
  • 0

#4
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
http://www.microsoft...us/default.aspx best place to start digging for info on windows server 2008 or 2003

So should I have to start reading a book?? Ti get more detail knowledge??

that's where knowledge comes from....and it's where you're going to find the most concise and accurate info
  • 0

#5
Mobi

Mobi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Ok thanks dsenette.

Just more question to you. When I change the Gp on the Domain Controller to affect all the computers/users who are on the domain, it take time when that policy is applied Its because of the refresh interval of group policy. How can I enforce the GP instantly when I change it. For example I can run the gpudate command from a script but again this script will run the system will refresh its policy. So how I can achieve this thing that when the policy is applied on any OU it will take affect immediately.
  • 0

#6
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
you would need to modify the group policy refresh interval in the group policy (how's that for circular reasoning)

this setting is in

user configuration\administrative templates\system\group policy



give this a read http://books.google....esult#PPA113,M1 (technically a book preview but that link should get you right to the page...also if you can find this book in print it's a good read)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP