Active Directory Windows2003 Server. Agenda . What is Active Directory Building an Active Directory Using Active Directory Features Active Directory Objects Auditing Active Directory. Group Names. Charles Guzman Daniel Gebretensai Ervand Akopyan Hovik Gharadaghi. Active Directory.
Configuring a custom console
Adding a group policy object link
ADDING AND REMOVING OBJECTS
An object is a distinct named set of attributes that represents a network resource. Typical objects are users, groups, computers and printers. Each object has a number of attributes. For example, the user object has attributes such as password, name, password length and e-mail address.
Objects are typically grouped into classes, such as groups (a number of user accounts), computers and printers. When objects are grouped together, they are placed into a container that holds the objects (its like a desk draw that holds a number of objects).
If you try to add AD users using lusrmgr.msc you will receive the following error
Auditing with Active Directory
Something went wrong and the Boss asks:
“What kind of network activity have we had recently?
Windows 2000 and every subsequent version of NT supports Audits
It keeps track of who tried to log on to what server
This will audit each time a user is logging on or off from another computer in which the computer performing the auditing is used to validate the account.
Windows XP logon to DC
This security setting determines whether to audit the event of a user accessing an object
Example, a file, folder, registry key, printer, and so forth--that has its own system access control list (SACL) specified
Determines whether to audit each instance of a user exercising a user right
Too many outputs for every right exercised
Be prepared for larger logs files
Changing the system time
Determines whether to audit when a user restarts or shuts down the computer or an event has occurred that affects either the system security or the security log
Not many entries
Logs whenever machine is restarted/shut down
when you clear the security log or resize it
This will audit each event that is related to a user accessing an Active Directory object which has been configured to track user access through the System Access Control List (SACL) of the object
Mostly used by programmers
Tracks activity between program and the Operating systems
These options are essential to help you track the required information that is generated from a user performing a task