Being able to fully understand and learn Active Directory is no easy feat. Unlike most other network applications, Active Directory
Requires Free Membership to View
SearchMidmarketSecurity.com members gain immediate and unlimited access to breaking SMB industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchMidmarketSecurity.com today!
Michael S. Mimoso, Editorial Director
is a distributed, multiple-master app that must be secured and maintained. When
employees come and go, Active directory access control configuration policy settings need to be
preserved properly. Replications and event logs have to be checked regularly, and Active Directory
backup and security tests need to be performed. In this Active Directory learning guide, our best
SearchMidmarketSecurity.com contributors offer AD tips that will help you learn
Active Directory basics and assist you with the task of setting up Active Directory securely.
How to back up Active Directory domain controllers
(see link
below)
To keep your Active Directory secure, you need to be prepared to quickly restore any one of the
domain controllers. Make sure you know how to
back up Active Directory. An AD disaster recovery plan needs to be at the top of your business
continuity list, and it can be carried out with free Windows utilities, too.
Contributor Joel Snyder also reviewed the pros and cons of using disk imaging software to create Active Directory domain controller backup images.
Active Directory health check
(see link
below)
Active Directory maintenance involves many ongoing tasks: checking event logs, testing,
defragmenting and making sure replications are working. Learn how to
check Active Directory health using the right tools. Ntdsutil, for example, can be used for
degfragmenting a large Active Directory, and DCdag has almost 30 different tests that will help you
check your AD security status.
Role-based access control in Active Directory
(see link
below)
Network managers can segment employees based on Active Directory Group membership, including HR
users, accounting department, or R&D lab teams that may need special privileges. Jennifer
Jabbusch demonstrates how role-based
access controls can be configured in Active Directory.
Other ways to configure Active Directory access control
(see link
below)
As organizations move to more stringent change management requirements, Active Directory can be
used to authenticate network managers to their switches, routers, firewalls and other
infrastructure devices. Jennifer Jabbusch continues her Active Directory training and reveals how
to configure
Active Directory in a way that improves your network infrastructure's authentication and access
control. AD, for example, can be used for both wired and wireless security purposes.
Active Directory Group Policy settings
(see link
below)
Endpoint integrity enforcement can be achieved through Active
Directory Group Policy settings. If you're avoiding NAC, make sure you know the top five
desired endpoint integrity checks for most security and network administrators.
 |
||||
|
|
|||
|
||||
Active Directory autoenrollment
(see link
below)
Joel Dubin responds to a reader's question and reveals how setting
up Active Directory autoenrollment will help to automatically delete user certificates on the
certificate authority (CA).
Need to restore Active Directory accounts? Dubin explains how ADSIEdit, LDP or DSACLS command-line tools (and three Microsoft-approved methods) will retrieve lost users.
Active Directory courses
(see link
below)
Trying to learn Active Directory basics? Joel Dubin recommends ways to gain comprehensive Active
Directory training, including vendor-neutral boot camps and vendor-driven deployment and
implementation courses.
Send your feedback to Editor@searchmidmarketsecurity.com.
This was first published in April 2010