Setup an A.D.


Home     Sitemap

Servers - Configuring Active Directory will give you more options than a standalone server can.

Open the Active Directory Users and Computers console located in the Administrative Tools from the Programs listing.

If you look at the hierarchy you can use the set up as is or you can customize it with your own hierarchy.  Create your base container and add the other containers underneath. Once you have decided on your hierarchy then the only thing left to do is to do it! You can name the parent container anything you like, you will be doing a lot of work in it.

Servers - Configuring Active Directory Instructions:

If you have a small domain (less than 10 users) you can put your user ID's in the user container (all the folders in the AD interface are called containers, they look like folders but are not).

If you anticipate that you will have more users then create a new container for the domain. You can create containers for each of your departments, cities, or states under the parent container.

Name and create your containers that fits your business logic, if you are only in one city then you might want the containers to be departmental.

If you have locations in different cities but very few states then create your containers by the city then under that the departments, and so on.

A server does not have to be propriatray, it can be built from custom off the shelf parts.Consider how your users will access the resources of the domain.

Using Groups you can control each user ID's access to the resource. You can create the container under your new domain container along with the computers, user(s), groups, and printers.

After setting up your container hierarchy you can work on the domain user ID's. Unless you know how to set up a user ID (it is a little different from a user ID on a standalone system) use the help function built into the AD Console. 

Note: You will want to insure that there are other user ID's that have Administrator association, don't go overboard just users that you can trust with the security of your domain.

Next Groups, this is the meat of the security. You control who gets access to what resource through the Group function.

Need a server? You can build your own!

You can set up each group by function, department, city, state, or what you think is appropriate. You use groups to set security on your resources.

Servers - Configuring Active Directory

You wouldn't want a worker on the assembly line to have access to the a sensitive server or folder, but would want the a supervisor to have access to create reports. Servers have redundancy built in, dual NIC's, RAID Arrays, two or more power supplies, two or more processors.

Next you should think about creating containers for computers, printers, and servers (if you have more than two servers). This will simplify your administrative tasks. You can assign security to each Group then that security can be assigned to the objects in the container.

Servers - Configuring Active Directory

Note: When you join a computer to the domain it will reside in the Domain computers container. If you have a custom hierarchy with workstations and/or servers you will have to move the new computer name to one of these containers. A way around this is to create the computer name in the appropriate container  before joining it to the domain.

Sample: you have a department with fifteen users, of those three are supervisors. So you would create the container by department name, under that create two more containers. One for the supervisors and one for the workers. You put the three supervisors in the supervisor container and the workers in the worker container. Then you can assign rights to the supervisor Group to a folder on the server called reports. The workers will not have access to the folder called reports.

Parts of this Servers - Configuring Active Directory are from the Build a Server Guide.

Sample: You have three servers and thirty workstations. You create a container called Servers and one called Workstations. You move the servers into the server container and the workstations into the workstation container. You have two Domain Administrators but only one that will work on Servers and both will work on workstations. You give the one administrator access to the server Group and workstation Group. The workstation Group you give access to both. Thus the administrator that has workstation access can not log on to the servers.One of your servers could have a tape drive attached to it, that single tape drive can back up your data from all or most of your servers.

Sample: You have five printers. Four are for everyone's use but the super-duper color printer is very expensive to operate. How do you insure that only certain users can access the color printer? You create one container for the  printers. You give access to the color Group only to the users that require color printing. You give access to the other printer Group to all users.

This is a short guide not to be construed as a complete working of Active Directory.  If you need more help it is available with the help function. There are very comprehensive books available for a complete run down on how to use Active Directory.

As you can see a Domain will allow you to control who uses what, who access a high value resource or confidential files.

By the way ...

When your server is down you want to fix correctly and quickly not introduce more problems with an old ERD... Make your custom Emergency Repair Disk (ERD) BEFORE you need it! Check this out.

Emergency Repair
isk (ERD) - Will Yours Work?

Repair Disk

Custom made for you...

You keyboard isn't thirsty, and it doesn't need calcium. Milk and other liquids will ruin a keyaboard!

This Web
Site is a
labor of Love
But Love
doesn't pay
the bills!

Please chip in $5 to keep it live...

Need A Checklist?

Need A Repair Manual?

    Page copy protected against web site content infringement by Copyscape

You can:

Return to
previous page:





Thank you for visiting my web site, and please come back again.

This website is not intended for children under the age of 18

Author of this web site: Monte Russell

FTC Endorsement Rules
All testimonials on the DIY Computer Repair web site are from customers who were not paid to comment on any products!

The Flag of The United States of America!   Proudly Made in The U. S. A.

Copyright and Registered to, all thieves will be prosecuted to the fullest extent of international law!

From the Desert South West ~ Arizona, U. S. A.
Copyright DIY-Computer-Repair.Com 2006-2016


"You found this web site through:"

Active Search Results

Return to top of Configuring Active Directory

Servers - Configuring Active Directory

Home    About    Sitemap
Fix It Blog!

From the Desert South West ~ Arizona, USA
Copyright 2006-2015