Active Directory

Active Directory Sample Infrastructure
The common infrastructure is based on the fictitious organization Contoso. Contoso owns the DNS name contoso.com, which was configured with the Active Directory Installation Wizard in the preceding section. Figure 4 illustrates the sample Active Directory structure.

Figure 4. Sample Active Directory Structure

The most interesting aspects of this structure are the Domain (contoso.com); the Accounts, Headquarters, Production, Marketing, Groups, Resources, Desktops, Laptops, and Servers organizational units (OUs). These are represented by folders (book) in Figure 4. OUs exist for the delegation of administration and for the application of Group Policy—not simply to mirror a business organization. For an in-depth discussion on designing an OU structure, see "Designing and Deploying Directory and Security Services".

Populating Active Directory

This section describes how to manually create the OUs, Users, and Security Groups outlined in Appendix A.

Creating Organizational Units and Groups
To create OUs and Security Groups 1. 2. 3. 4. 5. 6. 7. 8. 9. Click the Start button, point to All Programs, point to Administrative Tools, and then click Active Directory Users and Computers. Click the + next to contoso.com to expand it. Click contoso.com itself to show its contents in the right pane. In the left pane, right-click contoso.com, point to New, and then click Organizational Unit. Type Accounts in the name box, and then click OK. Repeat steps 3 and 4 to create the Groups and Resources OUs. Click Accounts in the left pane. Its contents now display in the right pane. (It is empty at the beginning of this procedure.) Right-click Accounts, point to New, and then click Organizational Unit. Type Headquarters, and then click OK. Repeat steps 7 and 8 to create the Production and Marketing OUs in Accounts. When you have finished, the OU structure should look like Figure 5.

1

Click OK to create each group. Final OU Structure Creating User Accounts To create a user account 1. 3.) See full-sized image 2 . The settings for each group should be Global and Security. point to New.Active Directory Figure 5. Creating Organizational Units See full-sized image 10. Create the two security groups by right-clicking Groups. Its contents now display in the right pane. 11. pointing to New. The two groups to add are Management and Non-management. and then clicking Group. the final OU structure should look like Figure 6. and then click User. Laptops. 2. click Headquarters (in Accounts).) Right-click Headquarters. Type Christine for the first name and Koch for the last name. Figure 6. (It is empty at the beginning of this procedure. In the same way. In the left-hand pane.. and Servers in the Resources OU. create Desktops. When all steps are completed. (Note that the full name automatically appears in the Full name box.

Type Christine for the User logon name. In the right pane. 2. Click Advanced. 5. See full-sized image Repeat steps 1 through 8 to create the users in the Production and Marketing OUs.Active Directory 4. Password complexity requirements may be disabled through Group Policy. and then click Add. The window should look like Figure 7.com/Accounts/Headquarters. and then click Next to continue. Figure 8.) Click OK again to add these members to the Management Security Group. the Headquarters OU screen should look like Figure 8. Click Finish. Type pass#word1 for Password and Confirm password. 4. Figure 7. Adding a User Click Next. Click the Members tab. 5. double-click the Management group. User listing in the Headquarters OU 9. Christine Koch now displays in the right-hand pane as a user under Reskit. 7. Windows Server 2003 requires complex passwords for all newly created users. Adding Users to Security Groups To add a user to a security group 1. Note: By default. adding the names listed in Appendix A for the Headquarters OU. Click OK while all members are highlighted. When you are finished. 3 . (The users who should be members of this security group are listed in Appendix A. 8. Select all appropriate users from the lower section by holding down the Ctrl key while clicking each name. Click OK to close the Management Security Group Properties sheet. click Groups. and then click Find Now. In the left pane. 6. Repeat steps 2 through 7. 3.

Figure 9.Active Directory 6. Kevin F. Close the Active Directory Users and Computers snap-in. Monica Production Ola. Appendix A: Active Directory Populace Users OU Full Name Login Name Christine Paul Molly Christof Yvonne Mike Monica Preeda Jon Clair Jim Lorraine Cynthia Kevin Group Membership Management Management Management Management Management Management Non-management Management Non-management Non-management Non-management Management Non-management Non-management Headquarters Koch. Lorraine Randall. Yvonne Nash. Mike Brink. Paul Clark. Jim Nay. Cynthia Browne. Clair Kim. The Members of the Management Security Group Are Drawn from Three OUs Top of page Repeat steps 2 through 5 to add members to the Non-management group. 7. Preeda Grande. Christine West. 4 . Jon Hector. Christof Schleger. Molly Sprenger.

Charles Mustafa.Active Directory OU Marketing Full Name Fitzgerald. Ahmad Narp. Sylvie Top of page Login Name Charles Ahmad Sylvie Group Membership Management Non-management Non-management 5 .

Sign up to vote on this title
UsefulNot useful