Chp04 - Implementing and Managing Group and Computer Accounts

Chp04 - Implementing and Managing Group and Computer Accounts

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 EnvironmentChapter 4:Implementing and Managing Group and Computer AccountsGuide to MCSE 70-290, Enhanced2Objectives•Understand the purpose of using group accounts to simplify administration•Create group objects using both graphical and command-line tools•Manage security groups and distribution groups•Explain the purpose of the built-in groups created when Active Directory is installed•Create and manage computer accountsGuide to MCSE 70-290, Enhanced3Introduction to Group Accounts•A groupis a container object•Used to organize collections of users, computers, contacts, other groups•Used to simplify administration•Similar to Organizational Units except•OUs are not security principals, groups are•OUs can only contain objects from their parent domain, groups can contain objects from within forestGuide to MCSE 70-290, Enhanced4Group Types•Security groups•Defined by Security Identifier (SID)•Can be assigned permissions for resources•In discretionary access control lists (DACLs)•Can be assigned rights to perform different tasks•Can also be used as e-mail entities•Distribution groups•Primarily used as e-mail entities•Do not have associated SIDGuide to MCSE 70-290, Enhanced5Group Scopes•Scope refers to logical boundary of permissions to specific resources•Both Security and Distribution Groups have scopes•Three scopes •Objects possible within each scope dependent on configured functional level of a domain•Scope types are global, domain local, and universal Guide to MCSE 70-290, Enhanced6Group Scopes (continued)•Three domain functional levels:•Windows 2000 mixed: default configuration, supports a combination of Windows NT Server 4.0, 2000 Server, and Server 2003 domain controllers•Windows 2000 native: supports a combination of Windows 2000 Server and Server 2003 domain controllers•Windows Server 2003: supports Windows Server 2003 domain controllers onlyGuide to MCSE 70-290, Enhanced7Global Groups•Organize groups of users, computers, groups within the same domain•Usually represents a geographic location or job function group•Types of objects in group related to configured functional level of the domain •Depends on the types of domain controllers in environmentGuide to MCSE 70-290, Enhanced8Domain Local Groups•Created on domain controllers•Can be assigned rights and permissions to any resource within the same domain•Can contain groups from other domains•Specific objects allowed in group related to configured functional level of the domainGuide to MCSE 70-290, Enhanced9Universal Groups•Typically created to aggregate users or groups in different domains•Stored on domain controllers configured as global catalog servers•Can be assigned rights and permissions for any resource within a forest•Can only be created at the Windows 2000 native or Windows Server 2003 domain functional levelGuide to MCSE 70-290, Enhanced10Universal Groups (continued)Guide to MCSE 70-290, Enhanced...
View Full Document

{[ snackBarMessage ]}

Page1 / 50

Chp04 - Implementing and Managing Group and Computer Accounts

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online