1 / 13

CN1276 Server

CN1276 Server. Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+. Agenda. Chapter 6: Security Planning and Administrative Delegation Quiz Exercise. Naming Standard. A naming standards document to outline the rules for naming all Active Directory objects.

mohammad-wilder
Download Presentation

CN1276 Server

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

  2. Agenda • Chapter 6: Security Planning and Administrative Delegation • Quiz • Exercise

  3. Naming Standard • A naming standards document to outline the rules for naming all Active Directory objects. • Specify conventions such as the number and type of characters to use when creating a new object in Active Directory. • FLLLLLxx = JSmith01 • LocTypeModel = 401PRT2500

  4. Strong Passwords • Since user names are often easily guessed, it is essential to have strong passwords: • At least eight characters in length. • Contains uppercase and lowercase letters, numbers, and non-alphabetic characters. • Password-cracking • Dictionary attack • Educate users on the importance of password

  5. Securing Admin. Access to AD • You should not use Administrative privileges account on a daily basis, instead use run as administrator or run as instead. • Press Shift then right click to open Run as menu • Run as /user:domain.com\domainadmin “command to run” • Both run as and run as administrator required Secondary Logon service to be running

  6. Planning an OU strategy • Can be created to represent your company’s functional or geographical model. • Can be used to delegate administrative control over a container’s resources to lower-level or branch office administrators. • Can be used to apply consistent configuration to client computers, users and member servers.

  7. Creating an OU Structure • By default, DC OU will be created when AD is installed • OUs are for organizing resources and delegating permissions, but not to assign access permissions • You can assign who can control • You can’t assign who can/can’t access

  8. Delegation of control • Creating OUs to support a decentralized administration model. • Delegating authority at a site level affects all domains and users within the site. • Delegating authority at a domain level affects the entire domain. • Delegating authority at the OU level affects only that OU and its hierarchy.

  9. Delegation of Control (Cont.) • You can use Delegation of Control Wizard to delegate permissions for domains, OUs, or containers. • Specify to which users or groups you want to delegate management permissions and the specific tasks you wish them to be able to perform. • Delegate predefined tasks, or you can create custom tasks that allow you to be more specific.

  10. Delegating Administrative Control of an OU • Open Active Directory Users and Computers. • Right-click the object to which you wish to delegate control, and click Delegate Control. • Click Next on the Welcome to the Delegation of Control Wizard page. • Select users or group then select the task to delegate

  11. Verifying and Removing AD Permissions

  12. Moving Objects between OUs • Drag-and-drop • Use the Move menu • Use dsmove • Move objects between OUs in a domain: • permissions that are assigned directly to objects remain the same. • Objects inherit permissions from the new OU. • All permissions that were inherited previously from the old OU no longer affect the objects

  13. Assignment • Matching • 1-10 • Multiple Choice • 1-10 • Online Lab 6

More Related