Active Directory is a common repository for information about objects that reside on
the network, such as users, groups, computers, printers, applications, and files. The
default Active Directory schema supports numerous attributes for each object class that
can be used to store a variety of information. Access Control Lists (ACLs) are also stored
with each object, which allows you to maintain permissions for who can access and
manage the object. Having a single source for this information makes it more accessible
and easier to manage; however, to accomplish this requires a significant amount of
knowledge on such topics as LDAP, Kerberos, DNS, multimaster replication, group
policies, and data partitioning, to name a few. This book will be your guide through
this maze of technologies, showing you how to deploy a scalable and reliable Active
Directory infrastructure.
Windows 2000 Active Directory has proven itself to be very solid in terms of features
and reliability, but after several years of real-world deployments, there was much room
for improvement. When Microsoft released Windows Server 2003, they focused on
security, manageability, and scalability enhancements. Windows Server 2003 R2 takes
this evolution further and combines Windows Server 2003 Service Pack 1 with some
feature packs, which makes Windows Server even more secure, manageable, and scalable
and also adds considerable new functionality, such as a stand-alone LDAP server
service and increased Unix system integration functions right in the box.
Windows Server 2008 introduces some highly sought-after features to Active Directory.
At the top of the list for many administrators will be such features as read-only domain
controllers, support for Server Core, and fine-grained password policies. The list of new
features and major enhancements is lengthy, and we have taken the time to cover them
all in this book.