For many of us who had
become very comfortable with the NT domain concept, Active Directory was a huge
leap forward. Sure it required a bit of a learning curve, but the flexibility and increased
reliability made it a natural choice. Active Directory required Windows administrators
to change their entire mindset. Rather than just being fixated on simple domains and
groups, you could now also organize your domain using organizational units (OUs).
97 Chapter 4: Active Directory Domain Services
Organizational units allow for a logical division of a directory to make it match your
organizational structure and administrative boundaries more directly. The added benefit
with this hierarchical structure is that you can granularly delegate authority so that not
everyone needs to be a domain administrator to manage various aspects of the directory.
For example, you can give human resources staff access to your user account information
so they can update user attributes such as addresses and contact information, without
giving them rights to modify your account??™s Windows group membership.
Active Directory is a Domain Name System (DNS)??“dependent service, unlike the
NT domain model, which is mostly NetBIOS driven. The hierarchical structure of DNS
and the widespread use of TCP/IP as the primary network protocol in many organizations
makes Active Directory a natural choice for managing name resolution and service
location.
Pages:
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136