Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.

Published byLambert Booker Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for."— Presentation transcript:

1 Chapter 4- Part3

2 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for the first time The profile can be modified to consist of desktop settings that are customized for one or more clients who log on locally

3 3 Implementing User Profiles (continued) User profiles advantages Multiple users can use the same computer and maintain their own customized setting Desktop settings that are associated with an account so that the same settings are employed no matter which computer is used to access the account (the profile is downloaded to the client from a server)(roaming profile) Profiles can be made mandatory so users have the same settings each time they log on (mandatory profile)

4 4

5 5 What’s New in Windows Server 2008 Active Directory Five new features deserve particular mention: Restart capability Read-Only Domain Controller Multiple password and account lockout policies in a single domain Active Directory Lightweight Directory Services role

6 6 Restart Capability Windows Server 2008 provides the option to stop Active Directory Domain Services Without taking down the computer After your work is done on Active Directory, you simply restart Active Directory Domain Services

7 7

8 Read-Only Domain Controller Read-Only Domain Controller (RODC) A domain controller that houses Active Directory information, but cannot be updated, such as to create a new account. This specialized domain controller receives updates from regular DCs, but does not replicate to any DCs because it is read-only by design. See domain controller (DC). 8

9 Auditing Improvements Server administrators can now create an audit trail of many types of changes that might be made in Active Directory, including when: There are attribute changes to the schema (auditing saves information on both the old and new values) Objects are moved, such as user accounts moved from one OU to a different one New objects are created, such as a new OU A container or object is deleted and then brought back, even if it is moved to a different location than where it was originally located 9

10 Auditing Improvements The reason for tracking Active Directory changes is that many organizations now include this as part of their security policy. Active Directory is central to many Windows Server networks, and tracking changes to it is a normal security practice. You must set up Active Directory auditing in two places: 1. Enable a Domain Controllers Policy to audit successful or failed Active Directory changes. 2. Configure successful or failed change actions on specific Active Directory objects or containers. 10

11 Multiple Password and Account Lockout Policies in a Single Domain Before Windows Server 2008, Active Directory administrators could not establish different account lockout policies in the same domain. An account lockout policy is one that locks a user account in certain situations. For example, you can set up a policy that protects an account from intruders by locking it after five unsuccessful logon attempts. 11

12 Multiple Password and Account Lockout Policies in a Single Domain Account lockout policy prevents an intruder from trying all kinds of password combinations until the right one is found to break into an account. Also, an administrator could require that a password be a certain length or have other characteristics to make it hard to guess. 12

13 Active Directory Lightweight Directory Services Role Active Directory Lightweight Directory Services (AD LDS) role is targeted for servers that manage user applications. This enables the applications to store configuration and critical data in a central database. 13

14 Active Directory Lightweight Directory Services Role AD LDS is a basic version of Active Directory Domain Services AD DS, including: only those elements needed for central configuration and data management required by applications, including directory replication and security services. No services are provided for managing domains and domain resources, such as user accounts and computers. AD LDS role could be installed in the same server with ADDS 14

Download ppt "Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for."

Similar presentations

Copyright line. Configuring Server Roles in Windows 2008 Exam Objectives New Roles in 2008 New Roles in 2008 Read-Only Domain Controllers (RODCs) Read-Only.

Copyright line. Configuring Server Roles in Windows 2008 Exam Objectives New Roles in 2008 New Roles in 2008 Read-Only Domain Controllers (RODCs) Read-Only.
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 4 Introduction to Active Directory and Account Management

Chapter 4 Introduction to Active Directory and Account Management
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS

ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.

Course 6425A Module 9: Implementing an Active Directory Domain Services Maintenance Plan Presentation: 55 minutes Lab: 75 minutes This module helps students.
(ITI310) SESSIONS 9-10-11-12: Active Directory By Eng. BASSEM ALSAID.

(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.

Similar presentations

Ads by Google