The Anatomy of a Domain

Domains are represented in Active Directory by domainDNS objects. The distinguished name (DN) of a domainDNS object directly corresponds to the fully qualified DNS name of the domain. For example, the amer.rallencorp.com domain would have a DN of dc amer,dc rallencorp,dc com. Table 2-1 contains a list of some of the interesting attributes that are available on domainDNS objects. Table 2-1. Attributes of domainDNS objects Table 2-1. Attributes of domainDNS objects Relative distinguished name of...

The Anatomy of Site Topology Objects

Table 11-1 through Table 11-7 contain some of the important attributes of the various site topology objects. Table 11-1 through Table 11-7 contain some of the important attributes of the various site topology objects. Table 11-1. Attributes of site objects RDN of the object. This is the name of the site (e.g., Raleigh). Contains a prioritized list of GPOs that are linked to the site. Multivalued attribute that contains a list of distinguished names for each subnet Table 11-1. Attributes of site...

The Anatomy of an Application Partition

Application partitions are stored in Active Directory similar to domains. In fact, they consist of the same two objects as domains, a domainDNS object and a crossRef object that resides under the Partitions container in the Configuration Naming Context (CNC). Application partitions are named like domains and can be virtually anything you want. You can create an application partition that uses the current namespace within the forest. For example, in the rallencorp.com (dc rallencorp,dc com)...

The Anatomy of a User

The default location for user objects in a domain is the cn users container directly off the domain root. You can, of course, create user objects in other containers and organizational units in a domain. Table 6-1 contains a list of some of the interesting attributes that are available on user objects. This is by no means a complete list. There are many other informational attributes that I haven't included. Table 6-1. Attributes of user objects Table 6-1. Attributes of user objects Large...

Using VBScript

This code creates a computer object and grants a user group rights over it strComputer < ComputerName> ' e.g. strUser < UserOrGroup> ' e.g. strDescr < ComputerDescr> ' e.g. strDomain < ComputerDomain> ' e.g. ' ------ END CONFiGURATiON --------- joe rallencorp.com or RALLENCORP joe ' Constants ' Const ADS_UF_PASSWD_N0TREQD & h0020 Const ADS_UF_W0RKSTATi0N_TRUST_ACC0UNT & h1000 Const ADS_ACETYPE_ACCESS_ALLOWED & h0 Const ADS_ACETYPE_ACCESS_ALLOWED_OBJECT & h5 Const...

Using a commandline interface

The dsmod user command has several options for setting various userAccountControl flags, as shown in Table 6-2. Each switch accepts yes or no as a parameter to either enable or disable the setting. Table 6-2. dsmod user options for setting userAccountControl Sets whether the user must change password at next logon. Sets whether the user can change his password. Set account status to enabled or disabled. Sets whether the user's password is stored using reversible encryption. Sets whether the...