Chapter 5. Active Directory
In Windows NT, administrators were introduced to the concept of domains. Active Directory builds on that concept by creating a dynamic, easily accessible structure through which directory and management information can be stored and accessed centrally throughout an organization. By using Active Directory, you create a structure for managing your equipment, and the people who use that equipment, which is a helpful feature for all but the smallest of operations.
By using Active Directory you have access to several cool management tools, including Group Policy (GP), the ability to put groups inside groups multiple times, and an online directory of users, computers, printers, and contacts that you can access easily through the Windows user interface. Although you certainly can operate a Windows-based network without Active Directory, you lose out on a lot of functionality. You will learn about these tools in this chapter and the next.
In this chapter, I’ll introduce you to Active Directory and its concepts, walk you through the process of building an Active Directory domain and tree structure, guide you through the process of managing domain users and groups, and discuss in detail the process of directory content replication. I’ll also discuss different roles that domain controllers take in an Active Directory environment, the importance of time synchronization and how to accomplish it, and how to keep your Active Directory in tiptop shape through regular ...