Module 1: Introduction to Administering Accounts and Resources

Module 1: Introduction to Administering Accounts

and Resources

Overview

Multimedia: Introduction to Managing a Microsoft Windows Server 2003 Environment

The Windows Server 2003 Environment

Logging On to Windows Server 2003

Using the Run As Feature for Administration

Installing and Configuring Administrative Tools

Creating an Organizational Unit

Multimedia: Introduction to Managing a Microsoft Windows Server 2003 Environment

This presentation describes the tasks involved in administering accounts and resources and defines the concepts of Active Directory

Lesson: The Windows Server 2003 Environment

Computer Roles

The Windows Server 2003 Family

What Is a Directory Service?

Active Directory Terms

Classroom Setup Review

Computer Roles

Domain Controller

File Server

Print Server

DNS Server

Application Server

Terminal Server

The Windows Server 2003 Family

Sample Roles

Windows Server 2003

EditionUsage Scenario Web

server

File and infrastructure

server

Domain controller

Scalable, business-

critical applications

Web Application server

Small Business Server

Small business with one server

Standard Small business or department

Enterprise Medium or large organizations

Datacenter Large organizations

What Is a Directory Service?

Identifies resources

Provides a consistent way to: Name Describe Locate Access Manage Secure

Active Directory BenefitsActive Directory Benefits

DNS integrationDNS integration

ScalabilityScalability

Centralized managementCentralized management

Delegated administrationDelegated administration

Active Directory Terms

Forest

Contoso.msft

Domain

brisbane.au. nwtrader.msft

nwtrader.msft

au. nwtrader.msft

Tree

OUs in a domain

Sales.Contoso.msft

Classroom Setup Review

The virtual environment is configured as one Windows Server 2003 domain: Contoso.msft

Den-DC1 is the domain controller

Den-SRV1 is a member server and is used as a remote computer for student labs

Den-CL1 is a workstation running Windows XP Professional, Service Pack 2

Server computers are running Windows Server 2003, Enterprise Edition, Service Pack 1

Lesson: Logging On to Windows Server 2003

Multimedia: Logon and Authentication

Logon Dialog Box Options

What Are User Principal Names?

Practice: Logging On to Windows Server 2003

Multimedia: Logon and Authentication

This activity presents information about: Local logon process Domain logon process Secondary logon process Smart card logon process

Important points to look for: Difference between local and domain

authentication How to perform a secondary logon Contents of an access token

Logon Dialog Box Options

By default, Windows Server 2003 attempts to log the user on to the domain that the computer is a member of

Select the domainwhere the user account

is located

Select the domainwhere the user account

is located

What Are User Principal Names?

Provides an alternative logon method

Is unique within the forest

Example: don@contoso.msftExample: don@contoso.msft

Practice: Logging on to Windows Server 2003

In this practice, you will:

Log on to your workstation by using a local account

Attempt to access a network share by using a local account

Log on to your workstation by using a domain account

Attempt to access a network share by using a domain account

Lesson: Using the Run As Feature for Administration

What Is the Run As Feature?

Using the Run As Feature

What Is the Run As Feature?

Allows a user to run specific tools and programs at any workstation with different permissions than the user's current logon provides

Can be used in troubleshooting scenarios to perform administrative tasks at the client’s workstation without logging off the current user

Using the Run As Feature

The Run as feature can be invoked from a shortcut menu

A desktop shortcut can be configured to use the Run as feature

The Run as feature can be used from the command line

runas /user:domain\domainadmin "mmc %windir%\system32\compmgmt.msc" runas /user:domain\domainadmin "mmc %windir%\system32\compmgmt.msc"

Lesson: Installing and Configuring Administrative Tools

What Are Administrative Tools?

What Is MMC?

Practice: Configuring the Administrative Tools

Guidelines for Resolving Problems with Installing and Configuring Administrative Tools

What Are Administrative Tools?

Commonly used administrative tools:

Active Directory Users and Computers Active Directory Sites and Services Active Directory Domains and Trusts Computer Management DNS Remote Desktops

Install to perform remote administration

What Is MMC?

Snap-insSnap-ins

MMC hosts tools, called snap-ins, that perform administrative functionsMMC hosts tools, called snap-ins, that perform administrative functions

Practice: Configuring the Administrative Tools

In this practice, you will:

Create a custom MMC

Save the custom MMC

Guidelines for Resolving Problems with Installing and Configuring Administrative Tools

Symptom Cause Resolution

Cannot install the administrative tools

Insufficient permissions

You must have administrative permissions on the local computer

Incorrect operating system

You can install the Windows Server 2003 Administration Tools Pack only on supported operating systems

Broken links in Help files

Both server and client Help systems are required

You can install the Help files for Windows Server 2003

Administration Tools Pack

Lesson: Creating an Organizational Unit

Multimedia: The Organizational Unit Structure

What Is an Organizational Unit?

Organizational Unit Hierarchical Models

Names Associated with Organizational Units

Practice: Creating an Organizational Unit

Multimedia: The Organizational Unit Structure

This presentation explains:

How to use organizational units to group objects for more efficient management

The main purposes of an OU hierarchy

What Is an Organizational Unit?

Organizes objects in a domain

Allows you to delegate administrative control

Simplifies the management of commonly grouped resources

Organizational Unit Hierarchical Models

Function-Based Hierarchy

S

C M

S – SalesC – ConsultantsM - Marketing

Examples of Hybrid-Based Hierarchies

Function Organization

Location Function

Organization Location

Organization-Based Hierarchy

M

E R

M – ManufacturingE – EngineeringR - Research

Location-Based Hierarchy

N

F I

N – Norway F – FranceI – Indonesia

Names Associated with Organizational Units

Name Example

LDAP relative distinguished name

OU=MyOrganizationalUnit

LDAP distinguished name

OU=MyOrganizationalUnit, DC=microsoft, DC=com

Canonical name Microsoft.com/MyOrganizationalUnit

Practice: Creating an Organizational Unit

In this practice, you will:

Install the AdminPak tools

Use the runas command to launch the command line

Use the dsadd command and Active Directory Users and Computers to create organizational units

Lab: Creating Organizational Units

After completing this lab, you will be able to create organizational units