The most powerful account on any Windows machine is the local administrator account. Anyone having access to this account pretty much has the keys to the castle, as far as Windows machines go.  (Note: Although domain controllers don’t have a local administrator account per se, the domain administrator account that resides on them is effectively […]

It’s your first day on the job and you’re rearing to go. The previous administrator left two weeks ago so the servers have been running on their own with no administrative maintenance. Microsoft decides that today is also the day they are going to release a number of critical update patches to the Windows Server […]

This week we are going to change gears, moving away from planning to talk about creating recipients in Exchange 2000. We have four types of recipient objects that we can create in Exchange 2000, including mailbox-enabled recipients, mail-enabled recipients, contacts, and distribution groups. We will start with mailbox-enabled recipients, which have a Windows 2000 user […]

A great way to begin looking at object security in the Active Directory environment is with an overview of the different security elements that you must be familiar with. Many of the concepts covered here were first introduced in earlier articles, though with much less detail.
The first thing you’ll need to remember when taking a […]

Some of you will remember the group usage strategy outlined by Microsoft for NT 4 domain environments. It suggested that you place user accounts into global groups according to needs, assign permissions to local groups, and then place global groups into local groups, thereby giving users access to resources. This model was often referred to […]

Windows 2000 Active Directory presents a number of different group options not found in the NT domain environment. The two biggest changes are the different types/scopes of groups that now exist, as well as the ability to nest groups. Group accounts for domain users are again created in Active Directory Users and Computers
First, understand that […]

Creating user accounts in Active Directory is simply enough, seeing as a wizard walks you through the process. Simply right-click in Active Directory User and Computers, choose New – User, and you’re off to the races. The wizard only sets up basic account properties, such as names, logon names, passwords, and so forth. To get […]

Since the basics of this topic have already been covered in previous articles, I will keep this part short. Just as a review, remember that 3 main types of user accounts exist in a Windows 2000 Active Directory environment:
Local User Accounts: These accounts exist in the local Security Accounts Manager (SAM) database on each Windows […]

Active Directory is the directory service of Windows 2000. A directory service is a store of information used for the purpose of both accessing information about objects (such as users, computers, domains, etc) as well as providing authentication and security services. Active Directory is very similar to other X.500-based directory services such as Novell’s NDS […]

Much like in NT 4, a user profile defines a user’s desktop environment and settings. This can include things like the placement of desktop icons, drive and printer mappings, and mouse-related properties. In Windows 2000, two types of profiles still exist - local and roaming.
A local profile is the most simple. By default, every time […]