You are previewing MCSE Windows® 2000 Directory Services Design.
O'Reilly logo
MCSE Windows® 2000 Directory Services Design

Book Description

Exam 70-219, Designing Windows 2000 Directory Services Infrastructure measures your ability to analyze the business requirements and design a directory service architecture, including: unified directory services such as Active Directory and Windows NT domain; connectivity between and within systems, system components & applications, and data replication such as directory replication and data replication. Keep in mind if you already have MCSE certification on Windows NT 4.0 you can update your certification by just taking two exams-the Accelerated Exam (70-240) and their choice of Designing Directory Services Infrastructure (70-219), Designing Security for a Windows 2000 Network 970-220), or Designing Network Infrastructure (70-221). You must also choose one of the three core electives-ICA Windows 2000 Professional (70-210), ICA Windows 2000 Server (70-215), I & A Windows 2000 Network Infrastructure (70-216), I & A Windows 2000 Directory Services Infrastructure (70-217).

Table of Contents

  1. Copyright
    1. Dedication
  2. About the Author
  3. About the Technical Reviewers
  4. Acknowledgments
  5. Tell Us What You Think
  6. How to Use This Book
    1. Chapter Opener
    2. Instructional Features Within the Chapter
    3. Case Studies
    4. Extensive Review and Self-test Options
  7. Introduction
    1. How This Book Helps You
    2. What the Designing a Microsoft Windows 2000 Directory Services Infrastructure Exam (70–219) Covers
    3. Analyzing Business Requirements
    4. Analyzing Technical Requirements
    5. Designing a Directory Service Architecture
    6. Designing Service Locations
    7. Hardware and Software You'll Need
    8. Advice on Taking the Exam
    9. New Riders Publishing
  8. I. Active Directory Basics
    1. 1. Understanding Active Directory
      1. Introduction
      2. "Directory" Defined
      3. Active Directory Is a Unified Directory
        1. X.500 Compliant
        2. LDAP Is Core
      4. Active Directory Features and Benefits
        1. Support for Open Standards
        2. Rich Set of APIs
          1. ADSI
          2. MAPI
          3. LDAP C API
        3. Drag and Drop Administration
        4. Extensible Schema
        5. Global Catalog Servers
        6. Multi-Master Replication Model
        7. Backward Compatibility
          1. Name Resolution Services
        8. Interoperability
          1. NetWare
          2. Exchange
          3. Future Interoperability
        9. Scalability
        10. Dynamic DNS
          1. Integration with TCP/IP Services
          2. Non-Microsoft DNS Servers
        11. Public/Private Key Infrastructure
      5. Migration from Previous Versions of NT
        1. Microsoft's Recommended Migration Approach
        2. Single Domain Model
        3. Single Master Domain Model
        4. Multiple Master Domain Model
        5. Complete Trust Domain Model
        6. Novell NetWare
      6. Planning, Planning, Planning
      7. Chapter Summary
      8. Apply Your Knowledge
        1. Exercise
          1. 1.1. Installing the Active Directory Schema Manager
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
  9. II . Analyzing Business Requirements
    1. 2. Planning and Conducting Your Business Assessment
      1. Introduction
      2. Business Analysis Planning Framework
        1. Create Your Strategy
        2. Windows 2000 Feature Set
      3. Company Categorization
        1. Relative to the Industry
        2. Relative to IT
      4. What to Gain from the Analysis
        1. Business Vision
        2. Business Goals and Problems
        3. Organization of the Company
          1. Management Model
          2. Company Organization
          3. Vendor, Partner, and Customer Relationships
          4. Merger and Acquisition Plans
        4. Geographical Scope of the Company
        5. Key Company Processes
          1. Information and Communication Flow
          2. Service and Product Life Cycle
          3. Decision-Making
        6. Company Strategy Influences
          1. Company Priorities
          2. Growth and Growth Strategy
          3. Laws and Regulations
          4. Tolerance for Risk
          5. Total Cost of Ownership (TCO)
      5. Business Analysis Deliverables
        1. Business Goals and Problems Document
        2. Gap Analysis
        3. Risk Assessment
      6. Chapter Summary
      7. Apply Your Knowledge
        1. Exercise
          1. 2.1. Creating an Analysis Strategy
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    2. 3. Analyzing the Results of the Business Assessment
      1. Introduction
      2. Case Study: Electrico Corporation
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. BUSINESS ANALYSIS
          1. Company Categorization
          2. Business Vision
          3. Business Goals and Problems
          4. Company Organization
          5. Geographical Scope and Company Model
          6. Company Processes
          7. Influences That Affect Company Strategy
      3. Envisioning the Future
        1. Current State
        2. How Will the Company Change?
        3. "What If?" Analysis
        4. Concluding the Business Vision Analysis
      4. Analyzing Business Problems
        1. Business Goal
        2. Problem Analysis
          1. Problem-Objective Table
          2. Objective Definition Stage
      5. Company Organization
        1. Existing and Planned Management Models
        2. Existing and Planned Vendor, Partner, and Customer Relationships
          1. Authentication
          2. Rendezvous
          3. Authorization
          4. Electrico
        3. Expected Areas of Growth
          1. Mergers
          2. Acquisitions
      6. Company Operating Scope
        1. Geographical Scope
        2. Company Operational Model
          1. National Model
          2. Subsidiary Model
          3. Branch Office Model
          4. Regional Model
          5. International Model
      7. Key Company Processes
        1. Information and Communication Flow
        2. Enterprise Identity Management
          1. Identity Administration
          2. Existence
          3. Context
          4. Provisioning
          5. Workflow
        3. Decision-Making
        4. Product and Service Life Cycles
          1. Windows Installer
          2. Software Installation and Maintenance Technology
      8. Company Strategy Influences
        1. Conducting an Influence Interview
        2. Company Priorities
        3. Issues Surrounding Growth
        4. Tolerance for Risk
        5. Laws and Regulations
        6. Total Cost of Operations
          1. Goals for a TCO Assessment
      9. Chapter Summary
      10. Apply Your Knowledge
        1. Exercises
          1. 3.1. Identify Business Analysis Components
          2. 3.2. Understand Knowledge and Information Flow
          3. 3.3. Analyze Customer Relationships
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    3. 4. Analyzing the IT Administration Model
      1. Introduction
      2. Case Study: The Electrico IT Organization
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CIO
          1. NetWare Administrator
        4. CURRENT IT MODEL
          1. Network Manager
          2. Mainframe Ops Manager
        5. ENVISIONED IT MODEL
        6. CIO
          1. Help Desk Manager
        7. ECONOMIC METRICS
        8. CFO
      3. Structure of IT Management
      4. Type of Administration
        1. Centralized Administration
        2. Decentralized Administration
        3. Hybrid
        4. Impact on Active Directory Design
        5. IT Administration at Electrico
      5. Funding Model
        1. Rapid Economic Justification Framework
          1. Business Assessment
          2. Solution
          3. Cost-Benefit Analysis
          4. Financial Metrics
          5. Risk
      6. Outsourcing
        1. Why Do Companies Outsource Operations?
        2. Management of Outsourced Operations
          1. Identification
          2. Control
          3. Security
          4. Management
        3. Electrico's Plans for Outsourcing
      7. Decision-Making Process
      8. Change Management Process
        1. Documented Change-Management Standards
        2. Your Ability to Detect Potential Change
        3. Considering Change in Active Directory Design
      9. Standards Documentation
      10. Chapter Summary
      11. Apply Your Knowledge
        1. Exercises
          1. 4.1. Fill in a 4×7 Benefit Matrix
          2. 4.2. Determine the Type of IT Administration
          3. 4.3. Calculating TCO and ROI Using the TCO and ROI Advisor
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
  10. III. Analyzing Technical Requirements
    1. 5. Analyzing the Physical Environment
      1. Introduction
      2. Interview the Information Technology Team
      3. How Many People and Where Are They?
      4. Enterprise Infrastructure Assessment
        1. Network Topology
        2. Connection Types and Speed of Each
        3. Physical Network
          1. Routers
          2. Switches
          3. Hubs
          4. Bridges and Other Devices
        4. Name Resolution Services
        5. IP Addressing Schemes
          1. DHCP Server
          2. QIP Servers
          3. Manual IP Configuration
        6. Protocol Analysis
        7. Bandwidth
          1. Net Available Bandwidth and SLAs
          2. Quality of Service (QoS)
          3. Telecommuting
      5. Tools and Utilities to Help with Analysis
      6. Case Study: eFly Airlines
        1. BACKGROUND
        2. PROBLEM STATEMENT
          1. CEO
          2. IT Director
          3. Web Developer
        3. CURRENT SYSTEM
          1. Ticket Buyer
          2. Web Developer
          3. Infrastructure Specialist
        4. CURRENT ENVIRONMENT
          1. IT Director
          2. Infrastructure Specialist
          3. Help Desk Manager
        5. ENVISIONED SYSTEM
          1. IT Director
          2. Infrastructure Specialist
          3. Help Desk Manager
        6. SECURITY
          1. Outside Security Consultant
          2. IT Director
          3. Web Developer
        7. PERFORMANCE
          1. Infrastructure Specialist
          2. Indianapolis Maintenance Crew
          3. IT Director
        8. MAINTAINABILITY
          1. IT Director
          2. IT Administrator
          3. Infrastructure Specialist
        9. AVAILABILITY
          1. IT Director
          2. Customer Service Administrator
          3. Infrastructure Specialist
      7. Chapter Summary
      8. Apply Your Knowledge
        1. Exercises
          1. 5.1. Determine Net Available Bandwidth
          2. 5.2. Determine Appropriate Action
          3. 5.3. Analyze the Network Topology
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    2. 6. Analyzing Performance-Related Requirements
      1. Introduction
      2. What Is a Performance Analysis?
      3. Successful Approach to Performance Monitoring
      4. Leverage the Knowledge of IT Resources
      5. Don't Forget the Infrastructure
      6. Step 1: Determine a Baseline
        1. What Data Should I Capture?
          1. Memory
          2. Processor
          3. Network Subsystem
          4. Disk Subsystem
          5. Application Resources
        2. Collecting Data for a Baseline
          1. Data Gathering Timeline
          2. System Monitor Logs
      7. Step 2: Quantify Measurement Information
        1. Starting and Stopping the Logging Process
        2. Preparing the Log File for Analysis
      8. Step 3: Determine Bottlenecks
        1. Workload Characterization
          1. File and Print Servers
          2. Application Servers
          3. Domain Controllers
        2. Memory Bottlenecks
          1. Paged and Non-Paged RAM
          2. Virtual Memory
          3. Detecting Memory Bottlenecks
        3. Processor Bottlenecks
        4. Network Bottlenecks
          1. Network Infrastructure Components
          2. Server-Based Network Elements
          3. Network-Related System Monitor Counters
          4. Protocols
          5. Name Resolution Services
          6. Addressing Network Subsystem Bottlenecks
        5. Disk Bottlenecks
      9. Step 4: Determine Feasible Response Time
      10. Step 5: Project Future Needs
      11. Step 6: Implement a Performance Analysis and Trending Standard
        1. Graphical Trend Reports
        2. Numerical Reports
      12. Windows 2000 Server Roles
        1. Domain Controllers
        2. File/Print Servers
        3. Web Servers
        4. Database Servers
        5. Numerical Analysis Servers
        6. Server Service
      13. Windows 2000 Features That Enhance Performance
        1. Symmetric Multi-Processing (SMP) Support
        2. CPU, Memory, and I/O Tuning
        3. Enterprise Memory Architecture
        4. I2O
        5. Scatter/Gather I/O
        6. Kerberos Authentication Protocol
        7. Windows Load Balancing Services
      14. Chapter Summary
      15. Apply Your Knowledge
        1. Exercises
          1. 6.1. Create a System Monitor Log
          2. 6.2. Use the System Monitor to View Logged Data
          3. 6.3. Utilize Microsoft Excel to Chart Performance Data
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    3. 7. Analyzing Security Requirements
      1. Introduction
      2. Case Study: Online License Company (OLC)
        1. BACKGROUND
        2. PROBLEM STATEMENT
          1. Lead Developer
          2. OLC Director
        3. CURRENT SYSTEM
          1. OLC Data Analyst
          2. A Licensed Driver
        4. ENVISIONED SYSTEM
          1. OLC IT Director
          2. Indiana BMV Director
        5. SECURITY
          1. OLC IT Director
          2. BMV UNIX Administrator
        6. PERFORMANCE
          1. OLC IT Director
        7. MAINTAINABILITY
          1. BMV UNIX Administrator
          2. OLC Development Manager
      3. The Need for Security
        1. The Internet
        2. Disgruntled Employees
      4. Windows 2000 Authentication
        1. NTLM
        2. Kerberos
          1. Kerberos Background
          2. Key Distribution Center
          3. Ticket-Granting Tickets
          4. Session Tickets
          5. Kerberos Integration
          6. Kerberos Interoperability
          7. Extensions for Public Key Authentication
          8. Single Sign-On with Kerberos
        3. SSL/TLS
          1. Authentication of External Users
      5. Public Key Infrastructure (PKI)
        1. Public Key Cryptography
        2. Digital Certificates
          1. Enterprise Root CA
          2. Subordinate Enterprise CA
          3. Standalone Root CA
          4. Subordinate Standalone CA
        3. PKI Components
        4. PKI Standards in Windows 2000
        5. Open Industry Security Standards
        6. Open Security Architecture
      6. Active Directory and Security
        1. Trust Relationships
        2. Delegation of Administration
        3. Granularity
        4. Inheritance
          1. Dynamic Inheritance
          2. Static Inheritance
        5. Some Recommendations for Securing Active Directory
      7. Securing Data Transmissions
        1. Windows 2000 Predefined IPsec Policies
        2. IPsec for OLC
        3. Predefined Rules and Filter Actions
      8. Security in the Enterprise
        1. Security Policy
        2. Precedence
        3. Group Policy Versus System Policy
        4. Domain Security Policy
        5. Domain Controller Security Policy
        6. A Word About Account Policies
      9. Perspective on the Exam Objective
        1. Security Policies
      10. Chapter Summary
      11. Apply Your Knowledge
        1. Exercises
          1. 7.1. Creating a Group Policy Object
          2. 7.2. 7.2 Setting Up a Certificate Authority
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    4. 8. Impact of Active Directory
      1. Introduction
      2. Case Study: Dewey, Cheatham, & Howe (DCH)— Attorneys at Law
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CURRENT SYSTEM
          1. DCH Partner
          2. Jimmy "the Computer Guy"
          3. Paralegal
        4. ENVISIONED SYSTEM
          1. DCH Senior Partner
          2. Attorneys
        5. PERFORMANCE
        6. SECURITY
        7. MAINTAINABILITY
          1. Senior Partner
          2. Paralegal
        8. AVAILABILITY
          1. Partner
          2. New IT Consultant
      3. Do the Lab
      4. Operating System Upgrades
      5. Need for an Application Inventory
        1. Size Up the Company
        2. Select Your Weapon
        3. Manual Collections
        4. Standalone Applications Versus Client/Server Applications
        5. DOS-Based Applications
        6. A Word About Home-Grown Applications
      6. Categorize the Applications
        1. Analyze the Application Inventory
          1. Priority-One Applications
          2. Priority-Two Applications
          3. Priority-Three Applications
      7. Determine the Problem Applications
        1. Why Do Applications Fail?
        2. Where Are the Problems?
          1. OS/2 and POSIX Applications
          2. DOS Applications
          3. Windows 3.x (16-Bit)Applications
          4. Windows 9x Applications
          5. Windows NT Applications
      8. Understanding the Solutions
        1. Upgrade
        2. Replace
        3. Retire
      9. Removal of NetBIOS
        1. Finding NetBIOS in the Environment
          1. WINS
          2. Clients
          3. Determining Which Applications Use NetBIOS
      10. Planned Changes to Systems and Network Applications
        1. Upgrades to Hardware or Software
        2. Rollout of New Equipment
      11. Technical Support Structure
        1. Administration Models
        2. Technical Support Responsibilities
          1. Administrative Level
          2. Platform Support
          3. Hardware Support
          4. Application-Specific Support
          5. Help Desk
      12. Network and Systems Management
        1. Windows Management Services
          1. Desktop Management
          2. Network Management
          3. Data Center Management
      13. Management Disciplines
        1. Common Services
        2. Presentation Services
        3. Management Services
          1. Change and Configuration Management
          2. Security Management
          3. Network Quality of Service
          4. Storage Management
        4. Summing Up Windows Management Services
        5. Value-Added Management Solutions
      14. Chapter Summary
      15. Apply Your Knowledge
        1. Exercises
          1. 8.1. Performing a Manual Software Inventory
          2. 8.2. Removing NetBIOS Support
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    5. 9. End-User Needs and Desktop Management
      1. Introduction
      2. Case Study: Needy Needy, Inc.
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CURRENT SYSTEM
          1. Executive Secretary
          2. Help Desk Tech
        4. ENVISIONED SYSTEM
          1. IT Manager
          2. Executive Secretary
          3. Data Center Manager
        5. PERFORMANCE
          1. IT Manager
          2. Help Desk Tech
        6. SECURITY
          1. IT Manager
          2. Help Desk Manager
        7. MAINTAINABILITY
          1. IT Manager
          2. Lead Help Desk Tech
        8. AVAILABILITY
          1. Client Care Hotline Manager
          2. AR/AP Manager
      3. What! The End-User?
      4. End-User Discussions
        1. Simplify My Job—Please!
        2. Downtime
        3. Roamers
      5. Conducting the End-User Needs Analysis
        1. Data Management
          1. Data Accessibility
          2. Data Availability
          3. Data Protection
        2. Software Installation and Maintenance
          1. Published Applications
          2. Assigned Applications
          3. The Windows Installer Service
          4. Auto-Healing Applications
          5. Custom Installations
          6. Clean Removal of Applications
        3. ZAP Files
          1. Anatomy of a ZAP File
        4. User and Computer Settings Management
        5. Remote OS Installation
          1. CD-Based Installations
          2. RIPrep Image Format Installations
          3. Remote Installation Services
          4. Requirements for RIS
        6. Technical Support
      6. Change and Configuration Management
        1. Establishing the Client Computing Environment
          1. Setting the Standards
        2. Software Distribution Using the Windows Installer
        3. Remote Desktop Management
          1. Software Distribution and Installation
          2. Software Metering
          3. Diagnostics and Troubleshooting
        4. Implementing Folder Redirection
          1. Making Files Available Offline
      7. Chapter Summary
      8. Apply Your Knowledge
        1. Exercises
          1. 9.1. Implement Folder Redirection
          2. 9.2. Make Files and Folders Available Offline
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
  11. IV. Designing a Directory Service Architecture
    1. 10. DNS and Active Directory
      1. Introduction
      2. It All Begins with DNS
      3. Naming Conventions
        1. NetBIOS Name
          1. NetBIOS in Windows 2000
        2. Fully Qualified Domain Names (FQDNs)
        3. Relative Distinguished Name
        4. An Example—User Principal Name
      4. Concepts in DNS Design
        1. DNS Namespace
          1. Flat Namespaces
          2. Hierarchical Namespaces
          3. Character Sets
        2. DNS Domains
        3. DNS Zones
          1. Forward Lookup Zones
          2. Reverse Lookup Zones
        4. DNS Root Namespace
        5. Name Resolution
      5. The Components of DNS
        1. DNS Servers
          1. Primary Servers
          2. Secondary Servers
          3. Caching-Only Servers
          4. Forwarders
          5. Non-Exclusive Mode
          6. Exclusive Mode
        2. Resolvers
        3. Resource Records
          1. Start of Authority (SOA)
          2. Name Server (NS)
          3. Mail Exchanger (MX)
          4. Address (A)
          5. Pointer (PTR)
          6. Canonical Name (CNAME)
          7. Windows Internet Name Service (WINS)
          8. WINS Reverse (WINS-R)
          9. Service (SRV)
        4. Zone Database Files
          1. Full Zone Transfers
          2. Incremental Zone Transfers
          3. Transfers Using DNS Notify
          4. Zone Transfer Best Practices
      6. DNS Name Resolution
        1. Recursive Queries
        2. Iterative Queries
      7. Naming and Name Services
        1. DNS Naming
        2. Active Directory Naming
        3. Selecting the DNS Service
          1. DNS Zone Data Storage Options
        4. WINS and DHCP Integration
          1. DDNS and DHCP Modes of Interaction
          2. Down-Level Client Mode
          3. Active Directory Mode
      8. How Active Directory Uses DNS
        1. Registration of Domain Controllers
        2. SRV Resource Record Registration
          1. SRV RR Naming
          2. Server Types
        3. Locating Domain Controllers
      9. Namespace Planning
        1. Scope of Active Directory
          1. Best to Have a Single Root Domain
          2. Active Directory and the Internet Namespace
        2. Naming Hierarchy
      10. First DNS Domain Name
      11. Choosing the Root DNS Namespace
        1. Using a Registered DNS for Public and Private
        2. Using a Delegated DNS Subdomain as AD Root
        3. Using Different DNS Domains for Public and Private
      12. Complex Namespace Considerations
        1. Clients That Allow an Internal DNS Root
        2. Clients That Do Not Support an Internal DNS Root
        3. Overlapping Internal and External Namespaces
      13. Best Practices
      14. Case Study: ALLBOOKS,, INC.
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CURRENT SYSTEM
        4. ENVISIONED SYSTEM
          1. Allbooks CIO
          2. WayFront Infrastructure Architect
        5. PERFORMANCE
          1. Allbooks CIO
          2. WayFront Infrastructure Architect
        6. SECURITY
          1. Allbooks CIO
        7. MAINTAINABILITY
          1. WayFront Network Consultant
          2. Allbooks CIO
        8. AVAILABILITY
          1. Allbooks CIO
      15. Chapter Summary
      16. Apply your knowledge
        1. Exercises
          1. 10.1. Understand Your Options
          2. 10.2. Trace DNS Queries
        2. Review Questions
        3. Exam Questions
        4. Answers to Exercises
          1. Exercise 10.1
        5. Answers to Review Questions
        6. Answers to Exam Questions
          1. Suggested Readings and Resources
    2. 11. Designing the Active Directory Structure
      1. Introduction
      2. Case Study: WayFront Consulting
        1. BACKGROUND
        2. PROBLEM STATEMENT
          1. Project Sponsor
          2. Project Manager
        3. CURRENT SYSTEM
          1. CIO
            1. Lead Design Engineer
        4. ENVISIONED SYSTEM
          1. CIO
            1. Lead Design Engineer
      3. First Things First
        1. Object
        2. Container
        3. Tree
        4. Domains
        5. Organizational Units
        6. Domain Trees
        7. Forest
        8. Site
        9. Trusts
        10. Schema
        11. Directory Partitioning and Distribution
          1. Configuration Container
        12. Replication
        13. Global Catalog
      4. Setting the Stage for Active Directory
        1. Business and Technology Assessment
          1. Operational Environment
          2. Physical Environment
          3. Administrative Environment
      5. Rules of Domain Creation
        1. Integration of Organizational Units
          1. OUs Versus Domains
        2. Making Smart Use of Groups
          1. Enterprise Admins
          2. Schema Admins
      6. The Design Process
        1. Determining the Number of Forests
        2. Planning Your Domain Design
          1. Common Misconceptions
      7. Put Together a Site Plan
        1. The Facts About Sites
        2. Making Use of TCP/IP Subnets
          1. Intra-Site Replication
          2. Inter-Site Replication
        3. Setting Up the Site Links and Bridges
      8. Planning a Site Structure for WayFront
        1. Primary Site: Main Headquarters
        2. Secondary Sites
        3. Tertiary Sites
        4. Site Link Plan for WayFront
      9. Domain Planning
        1. Determining the Number of Domains
      10. Planning the Root Domain
        1. Using a Registered DNS Namespace
        2. Creating a Dedicated Root Domain
      11. Planning for Parent/Child Domain Relationships
        1. WayFront Domain Tree
        2. Making the Connection
        3. Completing the Tree
      12. Planning the Use of Trust Relationships
        1. Shortcut Trusts
        2. External Trusts
      13. Placing DCs and GCs in the Right Spot
        1. Placing Domain Controllers
        2. Placing Global Catalog Servers
      14. Operations Masters
        1. Operations Master Roles
          1. Domain Naming Master
          2. Schema Master
          3. Infrastructure Master
          4. PDC Emulator
          5. RID Master
      15. Placing the Operations Masters
        1. Domain-Based Role Assignment
        2. Managing the Operations Masters
        3. Transferring the Operations Masters Roles
        4. Implications of Losing an Operations Master
        5. Seizing Operations Masters Roles
      16. Migration Concepts
        1. Methods of Migration
          1. In-Place Upgrade
          2. Domain Restructuring
        2. Upgrade and Restructuring Decisions
      17. Chapter Summary
      18. Apply Your Knowledge
        1. Exercises
          1. 11.1. Designing the Placement of Domain Controllers
          2. 11.2. Utilizing NTDSUTIL.EXE
          3. 11.3. Creating the Initial Site Structure
        2. Review Questions
        3. Exam Questions
        4. Answers to Exercises
          1. Exercise 11.1
        5. Answers to Review Questions
        6. Answers to Exam Questions
          1. Suggested Readings and Resources
    3. 12. Designing an OU and Group Policy Management Structure
      1. Introduction
      2. Organizational Units
        1. Plan Your OU Strategy
          1. Delegation of Administration
          2. Application of Policies
          3. Grouping of Objects with Like Properties
          4. Replacement of Existing Resource Domains
        2. Understanding the Impact of Change
      3. General OU Guidelines
        1. Nesting and Naming
        2. Organizational Structure
        3. Administrative Structure
      4. Flexibility in OU Design
        1. Reasons for Creating Domains and OUs
        2. Organize by Geography
          1. Geographic Based OU Structure Advantages
          2. Geographic Based OU Structure Disadvantages
        3. Organize by Function or Department
          1. Function or Department-Based OU Structure Advantages
          2. Function or Department-Based OU Structure Disadvantages
        4. Organize by Administration
          1. IT Administration-Based OU Structure Advantages
          2. IT Administration-Based OU Structure Disadvantages
        5. Organize by Business Unit
          1. Business Unit-Based OU Structure Advantages
          2. Business Unit-Based OU Structure Disadvantages
        6. Organize by Project
          1. Project-Based OU Structure Advantages
          2. Project-Based OU Structure Disadvantages
            1. REVIEW BREAK
        7. Use the Plan
      5. Designing an OU Structure
        1. OU Associations
          1. Why Are You Creating the OU?
          2. Who Will Manage the OU?
          3. What Permissions Will the OU Manager Require?
      6. Creating the OU Hierarchy
        1. First-Level OUs
        2. Second-Level OUs
        3. Remaining-Level OUs
        4. Nesting and Performance
      7. Preparing for an OU Delegation Plan
        1. Getting the Security Model Straight
        2. AD Security Components
          1. Security Descriptors
          2. Access Control Entries
          3. Ownership
          4. Inheritance
      8. Developing an OU Delegation Plan
        1. Common Delegation Tasks
        2. Define OU Administrator Access
        3. Delegation Methods
          1. Determine Whether Additional OUs Are Necessary
        4. Delegation Tools
          1. Delegation of Control Wizard
          2. Object Security Tab
          3. DSACLS.EXE
      9. Considering Group Policy
      10. How GPOs Work
        1. Viewing the Group Policy Container (GPC)
        2. Viewing the Group Policy Templates (GPT)
      11. Creating and Linking GPOs
      12. The Application of Group Policies
        1. Rules of Inheritance
        2. Blocking
        3. No Override
        4. Using Security Groups to Filter Policy Settings
        5. When Group Policies Apply
        6. Local Group Policies
        7. Mixing Windows 2000 and Windows NT Policies
        8. Order of Application
      13. Creating a Group Policy Management Plan
        1. REVIEW BREAK
      14. Scope of Group Policy Management
        1. Administration Type
          1. Monolithic Design
          2. Layered Design
        2. Delegation of Control
        3. Performance
        4. Structure of Policy Types
      15. Managing Client Computers
      16. Case Study: Speedway Management Corp. (SMC)
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CURRENT SYSTEM
          1. Network Manager
          2. Network Engineer
        4. ENVISIONED SYSTEM
          1. Network Manager
          2. CIO
        5. MAINTAINABILITY
          1. Network Manager
          2. Help Desk Manager
        6. PERFORMANCE
          1. Network Manager
          2. CIO
      17. Chapter Summary
      18. Apply Your Knowledge
        1. Exercises
          1. 12.1. Creating an OU Structure
          2. 12.2. Delegation of Administrative Authority
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    4. 13. Developing a Schema Modification Plan
      1. Introduction
      2. Schema Overview
        1. Locating the Schema
        2. The Schema Container
      3. Active Directory Schema Objects
        1. What Is the Schema Class?
          1. Structural Classes
          2. Abstract Classes
          3. Auxiliary Classes
          4. 88 Classes
        2. What Is the Schema Attribute?
          1. Mandatory Attributes
          2. Optional Attributes
          3. Single- or Multi-Valued Attributes
        3. Attribute Syntax
        4. Attribute Indexing and Replication
          1. Indexing a Schema Attribute
          2. Replicating a Schema Attribute to the Global Catalog
      4. Preparing to Modify the Schema
        1. When to Modify the Schema
          1. What Can I Modify?
          2. What Can I Not Modify?
          3. Relevance of Data
        2. How to Modify the Schema
        3. Remove the Safety Locks
          1. Locate the Schema Master and Enable Write Access
          2. Add Appropriate Administrators to Schema Admins
        4. Obtain an Object Identifier (OID)
        5. Implications of Schema Modification
          1. Write Conflicts
          2. Replication Latency
          3. Concurrency Control
      5. Developing a Schema Modification Policy
        1. Initiating Schema Modifications
        2. Planning Schema Modifications
        3. Testing Schema Modifications
        4. Executing Schema Modifications
      6. Case Study: Professional Sales Force (PSF)
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. CURRENT SYSTEM
          1. Sales Manager
          2. Financial Analyst
        4. ENVISIONED SYSTEM
          1. Sales Manager
          2. Financial Analyst
          3. IT Administrator
        5. MAINTAINABILITY
          1. Sales Manager
        6. AVAILABILITY
          1. Biff the Salesman
      7. Chapter Summary
      8. Apply Your Knowledge
        1. Exercises
          1. 13.1. Creating Schema Attributes
          2. 13.2. Extending a Schema Class
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
    5. 14. Planning for Coexistence
      1. Introduction
      2. Coexistence with Windows NT
      3. Planning Coexistence with NetWare NDS
        1. MSDSS Benefits
        2. Working with MSDSS
          1. MSDSS Sessions
          2. Object Mapping
          3. Object-Level Synchronization
          4. Directional Synchronization
          5. One-Way Synchronization
          6. Two-Way Synchronization
        3. Interoperability Features of SFN
          1. File Migration Utility
          2. File and Print Services for NetWare v.5
          3. Additional NetWare Interoperability Features
      4. Planning Coexistence with UNIX
        1. Why Services for UNIX?
        2. File Sharing with NFS
          1. Server for NFS
          2. Client for NFS
          3. Gateway for NFS
          4. User Name Mapping
        3. Simplification of Administration
          1. Telnet Client
          2. Telnet Server
          3. Services for UNIX MMC
          4. Support for Perl and Perl Scripting
        4. Simplified Account Administration Using NIS
          1. NIS Migration Wizard
          2. Server for NIS
          3. Password Synchronization
        5. UNIX Shell and Utilities
          1. A Bit About the SFU Environment
          2. Implementation of .profile and .kshrc
          3. Command-Line Editing
        6. Common Usage Scenarios
          1. Primarily Windows 2000, Some UNIX
          2. Substantial Mix of UNIX, Windows NT and Windows 2000
          3. Existing UNIX with New Windows 2000 and/or Windows NT
          4. Large UNIX Environment with Existing NIS Domain
        7. What About Kerberos?
      5. Synchronizing Exchange 5.5 and Active Directory
        1. About the ADC
          1. ADC Versioning
        2. Connection Agreements
        3. Configuring Connection Agreements
          1. Configuring the CA Direction
          2. Configuring CA Bridgehead Servers
          3. Creating the Synchronization Schedule
          4. Selecting Objects and Containers to Synchronize
          5. How to Handle Object Deletions
          6. Optimizing CA Settings with Advanced Properties
      6. Exchange 2000 and Active Directory Integration
      7. Case Study: Synchronicity
        1. BACKGROUND
        2. PROBLEM STATEMENT
          1. Owner
        3. CURRENT SYSTEM
          1. UNIX Manager
          2. NetWare Manager
        4. ENVISIONED SYSTEM
          1. NetWare Manager
          2. UNIX Manager
          3. Exchange Manager
        5. MAINTAINABILITY
          1. Active Directory Manager
          2. UNIX Manager
          3. NetWare Manager
          4. Exchange Manager
        6. PERFORMANCE
          1. Global IT Manager
      8. Chapter Summary
      9. Apply Your Knowledge
        1. Exercises
          1. 14.1. Create a Two-Way MSDSS Session
          2. 14.2. Creating an ADC Connection Agreement
        2. Review Questions
        3. Exam Questions
        4. Answers to Review Questions
        5. Answers to Exam Questions
          1. Suggested Readings and Resources
  12. V. Preparing For Implementation
    1. 15. Designing an AD Implementation Plan
      1. Introduction
      2. Why an Implementation Plan?
      3. A Phased Approach Works Well
      4. Project Phases Defined
      5. Phase One: Goals and Objectives
        1. Determine Goals and Objectives
        2. Make Sure You Have the Budget
        3. Feature Selection and Testing
        4. Questions to Answer About Goals and Objectives
        5. Potential Deliverables
      6. Phase Two: Planning and Design
        1. Assess the Business Environment
          1. Questions to Answer About the Business Environment
        2. Assess the Technical Environment
          1. Questions to Answer About the Technical Environment
        3. Prepare Gap Analysis
        4. Core Solution Design
        5. Feature Design
        6. Functional Specification Layout
        7. Potential Deliverables
      7. Phase Three: Pilot
        1. Lab-Based Pilot
        2. Production Pilot
        3. Analysis and Reporting
        4. Milestones and Potential Deliverables
      8. Phase Four: Execution
        1. Milestones and Potential Deliverables
      9. Phase Five: Closure
        1. Post-Project Analysis
        2. Milestones and Potential Deliverables
      10. Case Study: LandScapes Inc.
        1. BACKGROUND
        2. PROBLEM STATEMENT
        3. KEY BUSINESS OBJECTIVES
        4. KEY TECHNOLOGY OBJECTIVES
        5. NEXT STEP
      11. Chapter Summary
      12. Apply Your Knowledge
        1. Exercises
          1. 15.1. Determine Where to Spend the Time
        2. Answers to Exercise 15.1
          1. 15.2. Develop an Implementation Plan for LandScapes Inc.
          2. Key Business Objectives
        3. Key Technology Objectives
        4. Review Questions
        5. Exam Questions
        6. Answers to Review Questions
        7. Answers to Exam Questions
          1. Suggested Readings and Resources
  13. VI. Final Review
    1. Designing Windows 2000 Direcotry Services Infrastructure
      1. Chapter 1: Understanding Active Directory
      2. Chapter 2: Planning and Conducting Your Business Assessment
      3. Chapter 3: Analyzing the Results of the Business Assessment
      4. Chapter 4: Analyzing the IT Administration Model
      5. Chapter 5: Analyzing the Physical Environment
      6. Chapter 6: Analyzing Performance-Related Requirements
      7. Chapter 7: Analyzing Security Requirements
      8. Chapter 8: Impact of Active Directory
      9. Chapter 9: End-User Needs and Desktop Management
      10. Chapter 10: DNS and Active Directory
      11. Chapter 11: Designing the Active Directory Structure
      12. Chapter 12: Designing an OU and Group Policy Management Structure
      13. Chapter 13: Developing a Schema Modification Plan
      14. Chapter 14: Planning for Coexistence
      15. Chapter 15: Designing an AD Implementation Plan
    2. Study and Exam Prep Tips
      1. Learning Styles
      2. Study Tips
        1. Study Strategies
          1. Macro and Micro Study Strategies
          2. Active Study Strategies
          3. Common-Sense Strategies
        2. Pre-Testing Yourself
      3. Exam Prep Tips
        1. The MCP Exam
        2. Exam Format
          1. Fixed-Form
          2. Adaptive Form
            1. The Adaptive-Exam Process
          3. Case Study Form
        3. Question Types
          1. Multiple-Choice Questions
          2. Multiple-Rating Questions
        4. Simulation Questions
          1. A Typical Simulation Question
          2. Hot Area Question
          3. Drag and Drop Style Questions
            1. Select and Place
            2. Drop and Connect
          4. Ordered List Questions
          5. Tree Questions
        5. Putting It All Together
          1. More Exam Preparation Tips
          2. During the Exam Session
          3. Fixed-Form Exams
          4. Adaptive Exams
          5. Case Study Exams
      4. Final Considerations
    3. Practice Exam
      1. Answers to the Practice Exam
  14. VII. Appendices
    1. A. Glossary
    2. B. Overview of the Certification Process
      1. Types of Certification
      2. Certification Requirements
        1. How to Become a Microsoft Certified Professional
        2. How to Become a Microsoft Certified Professional+Internet
        3. How to Become a Microsoft Certified Professional+Site Building
        4. How to Become a Microsoft Certified Database Administrator
          1. Windows 2000 Track
            1. Core Exams
            2. Elective Exams
          2. Windows NT 4.0 Track
            1. Core Exams
            2. Elective Exams
        5. How to Become a Microsoft Certified Systems Engineer
          1. Windows 2000 Track
            1. Core Exams
            2. Elective Exams
          2. Windows NT 4.0 Track
            1. Core Exams
          3. Elective Exams
        6. How to Become a Microsoft Certified Systems Engineer+Internet
          1. Core Exams
          2. Elective Exams
        7. How to Become a Microsoft Certified Solution Developer
          1. New Track
            1. Core Exams
            2. Elective Exam
          2. Old Track
            1. Core Exams
            2. Elective Exams
        8. Becoming a Microsoft Certified Trainer
    3. C. What's on the CD-ROM
      1. ExamGear, Training Guide Edition
      2. Exclusive Electronic Version of Text
      3. Copyright Information and Disclaimer
    4. D. Using the ExamGear, Training Guide Edition Software
      1. Exam Simulation
        1. Question Quality
        2. Interface Design
      2. Study Tools
        1. Effective Learning Environment
        2. Automatic Progress Tracking
      3. How ExamGear, Training Guide Edition Works
        1. Interface
        2. Database
      4. Installing and Registering ExamGear, Training Guide Edition
        1. Requirements
        2. Installing ExamGear, Training Guide Edition
        3. Registering ExamGear, Training Guide Edition
          1. Registration Benefits
        4. Removing ExamGear, Training Guide Edition from Your Computer
      5. Using ExamGear, Training Guide Edition
        1. General Description of How the Software Works
        2. Menu Options
          1. File
          2. Online
            1. Registration
            2. Check for Product Updates
            3. Web Browser
          3. Help
        3. Starting a Study Mode Session
        4. Starting Practice Exams and Adaptive Exams
          1. Differences Between the Practice and Adaptive Exams and Study Modes
          2. Starting an Exam
        5. What Is an Adaptive Exam?
        6. Why Do Vendors Use Adaptive Exams?
        7. Studying for Adaptive Exams
        8. ExamGear's Adaptive Exam
          1. Assumptions
            1. Algorithm Assumptions
          2. Unit Scores
          3. Overall Scores
          4. Inconclusive Scores
        9. Question Types and How to Answer Them
          1. Multiple Choice
          2. Drag and Drop
          3. Ordered-List Questions
          4. Ordered-Tree Questions
        10. Simulations
        11. Hot Spot Questions
          1. Standard ExamGear, Training Guide Edition Options
        12. Mark Question and Time Remaining
          1. Mark Question
          2. Time Remaining
        13. Item Review
          1. The Item Review Questions Tab
            1. Columns
          2. The Current Score Tab
          3. Review Marked Items
          4. Review Incomplete
        14. Examination Score Report Screen
          1. Show Me What I Missed Browse Sequence
        15. Checking the Web Site
      6. Obtaining Updates
        1. The Catalog Web Site for Updates
        2. Product Updates Dialog Box
          1. Types of Updates
            1. Free Program Updates
            2. Free Database Updates
      7. Contacting New Riders Publishing
        1. Technical Support
        2. Customer Service
        3. Product Updates
        4. Product Suggestions and Comments
      8. License Agreement
      9. License
      10. Software and Documentation
      11. License Term and Charges
      12. Title
      13. Updates
      14. Limited Warranty and Disclaimer
      15. Limitation of Liability
      16. Miscellaneous
      17. U.S. Government Restricted Rights