Home > Store

Creating Active Directory Infrastructures

Register your product to gain access to bonus material or receive a coupon.

Creating Active Directory Infrastructures

  • Published Mar 16, 2000 by Pearson.


  • This product currently is not for sale.
Not for Sale




  • Copyright 2000
  • Dimensions: 7 X 9-1/4
  • Pages: 320
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-087631-3
  • ISBN-13: 978-0-13-087631-7

  • Customize Windows(r) 2000 to match your organization's structure
  • Configure DNS, domains, sites, and organizational units
  • Implement and maintain secure, extensible architectures
  • Master Intellimirror and Dfs

Build a network that looks like your business with the power of Active Directory.

  • Get the answers you need right from the start
  • Plan an Active Directory infrastructure that can evolve with your business
  • Build in security at all levels
  • Manage replication of sites and domains
  • Master the entire Active Directory toolkit

With the Active Directory service of Windows 2000, you can create a logical view of the network that matches the structure of your organization's business model.

Plan for success with expert tips for surveying your organization's existing structure and needs, as well as future goals that your network will support. Then map the business and network data to the Active Directory infrastructure to create a live system that reflects your unique requirements.

This insider's view starts at the root level, covering everything from OU structure through group policy and down to the management of individual user accounts. Along the way, you'll learn to manage domains and trusts, delegation and configuration, and a host of other key skills. At every step, a companion case study shows you the options for implementation in a practical setting.

Whether you are a manager seeking to maximize Windows 2000 in your organization, or an IT professional charged with the actual system design and implementation Creating Active Directory Infrastructures is your expert guide for planning, implementation, and future growth. About the CD-ROM

Templates for planning your Active Directory infrastructure are provided on the accompanying CD. Sample templates have been completed using the information from the case study; the blank templates are yours for planning.

Sample Content

Downloadable Sample Chapter

Click here for a sample chapter for this book: 0130876313.pdf

Table of Contents

1. Active Directory Concepts.

What Is the Active Directory? Design Goals of the Active Directory. Active Directory Namespace. LDAP in the Active Directory. Active Directory Hierarchy. Object. Organizational Unit. Domain. Tree. Domain Trees. Forest. Site. Active Directory Names. Global Catalog. Summary.

2. Gathering Business Data.

Who Should Plan an Active Directory Infrastructure. Tier 1: Core Planners. Tier 2: Review Committee. Tier 3: Management. Gather Organizational Structure Data. How Is the Organizational Structure Physically Located? Reviewing Users and Groups. Planning for the Future. Summary. Case Study.

3. Gathering Network Data.

Exploring Your Network Topology. Exploring Your Network Type and Protocol Usage. Exploring Network Links. Examining Your Current Hardware. Identifying Problem Areas. Summary. Case Study.

4. Planning Your Active Directory Namespace.

Overview of the DNS Naming Hierarchy. DNS Hierarchy. DNS Zones. How DNS Name Resolution Works. Planning Your Domain Name. Your Domain Name and the Internet. Use a Subdomain. Firewall. Private DNS Name. A Warning About DNS Servers. Summary. Case Study.

5. Planning Your Active Directory Domain Structure.

Domains and the Active Directory. Domain Consolidation in the Active Directory. Deciding Between Single or Multiple Domains. Multiple Domain Options. Domain Tree. Forest. Multiple Forests. About Sites. Summary. Case Study.

6. Planning Your Active Directory OU Structure.

OU Fundamentals. OU Hierarchy. Examining Your Administrative Model. Planning Your OU Structure. Example Domain Models. Geographic Structure. Business Division Structure. Administrative Structure. Combined Approach. Summary. Case Study.

7. Planning for Delegation.

Active Directory Security. Security Groups. Ownership. Inheritance. Planning for Delegation. Summary. Case Study.

8. Planning for Group Policy.

What Is Group Policy? Group Policy Console. Group Policy Options. Computer Configuration. User Configuration. Planning for Group Policy. Summary. Case Study.

9. Getting Ready for Implementation.

Understanding Mixed and Native Mode. Reexamining Your Domain Structure. Upgrading to the Active Directory. Examine Server Hardware. Consolidating Domains. Upgrade Steps. Summary. Case Study.

10. Installing the Active Directory.

Installing the Domain Root. Creating a Child Domain. Upgrading Backup Domain Controllers. Forest Configurations. Removing the Active Directory. Summary. Case Study.

11. Setting Up OUs and Accounts.

Setting Up OUs. Creating and Configuring User Accounts. Creating a New User Account. Configuring Account Properties. Creating and Configuring Group Accounts. Creating a New Group Account. Configuring Group Properties. Configuring Computer Accounts. Summary. Case Study.

12. Setting Up Other Objects.

Contacts. Printers. Printers Connected to Windows 2000 Computers. Printers Connected to Downlevel Computers. Printer Properties. Shared Folders. Summary. Case Study.

13. Configuring and Managing Domain Controllers, Domains, and Trusts.

Managing Domain Controllers. The Domains and Trusts Snap-in. Domain Properties. General. Trusts. Managed By. Summary. Case Study.

14. Understanding Active Directory Replication.

Active Directory Replication. The Replication Process. Change Notification. Update Request. Understanding Replication Partitions. Operations Masters. Replication Topology. Summary. Case Study.

15. Active Directory Sites and Replication.

Understanding Active Directory Sites. User Authentication. Replication Traffic. Service Localization. Installing Sites. Active Directory Sites and Services Tool. Creating a New Site. Site Container Properties. Setting Up Inter-Site Transports. Creating a New Site Link. Configuring Site Links. Creating Site Link Bridges. Domain Controller Settings. Site Licensing Computer. NTDS Site Settings. Server Settings. Global Catalog Selection. Defining Subnets. General Planning Tips. Summary. Case Study.

16. Setting Up Delegation and Security.

Delegation of Control. OU Delegation. Delegating a Domain. Delegating the Site. Setting Security. Using the Security Tab. Class and Attribute Security. Installing the AdminPak. Opening the Active Directory Schema. Setting Class and Attribute Security. Summary. Case Study.

17. Implementing Group Policy.

Overview of Group Policy. Group Policy Inheritance. The Group Policy Tabs. Editing a Group Policy. Software Installation. Windows Settings. Templates. Implementation Considerations. Summary. Case Study.

18. Active Directory Schema.

What Is the Schema? The Schema Manager Snap-in. Schema Classes. Schema Attributes. Summary.

19. Intellimirror and Dfs.

Intellimirror. Distributed File System (Dfs). Configuring Dfs. Summary.

20. Active Directory Backup and Restoration.

Backing Up the Active Directory. Creating a Backup Job Using the Wizard. Creating a Backup Job without Using the Wizard. Restoring Active Directory Data. Restoring the Active Directory Using the Wizard. Restoring the Active Directory without the Wizard. Authoritative Restore. Command Line Reference. Active Directory Maintenance. Common Problems. Can't Create Active Directory Objects. Can't Add a New Domain. Downlevel Clients Cannot Log On. Changes to Group Memberships Do Not Take Effect. Clients Cannot Access Resources in Other Domains. A Domain Controller Contains Outdated Active Directory Information. Some Active Directory Objects Have “Disappeared”. Summary. Case Study.

Appendix A: Worksheets and Forms.

Examining Your Company's Organizational Structure. Examining Your Network. Planning Your Domain Name. Planning Your Domain Structure. Planning the OU Structure. Planning for Delegation. Planning for Group Policy Implementation. Shared Resource Publication Request. Site Planning. Delegation Form.

Appendix B: Helpful Active Directory Tools.





The Active Directory is Microsoft's new directory service in Windows 2000. It has received a lot of attention, and if your business or organization has decided to implement the Active Directory in your network environment, you have a lot of planning to do. The Active Directory is a rich, extensible directory service that can be designed to meet the needs of your organization. Its overall goal: make network resources readily and easily accessible to end users.

If you are reading this book, more than likely you are one of the people who is responsible for setting up and maintaining the Active Directory in your network. One of your most important tasks, however, is carefully planning the Active Directory deployment before you ever sit down at the server. This book will help you develop an Active Directory infrastructure for your organization. By using the concepts and instructions in this book, you can develop an Active Directory implementation that meets the business and network needs of your company, enables end users to be more productive, and grows and changes as your company grows and changes.

What You Should Know First

This book is not a beginner's book, but you don't have to know everything about the Active Directory to get started. In this book, I assume you have worked with Windows 2000 Server and are generally familiar with its operations. You need to have a general understanding of TCP/IP and you should be familiar with basic Windows 2000 networking concepts. Aside from that, you will learn how to plan, install, and implement your Active Directory infrastructure in your environment.

However, if you are somewhat new to the Active Directory and Windows 2000 networking, you can still use this book and you will learn a lot as you do. I have tried to make everything discussed and explained as easy as possible so you can get the information you need to implement the Active Directory in a suitable manner.

What's in the Book

In this book, you will find a logical approach to planning and implementing an Active Directory infrastructure. You should read the book in order from front to back before you begin any Active Directory planning or implementation. This will ensure that you have the "big picture" before beginning. Then, once you are ready to start planning and implementing your infrastructure, use this book as a reference.

The following list tells you what you can expect to learn in each chapter.

Part One: Active Directory Planning

Chapter 1: Active Directory Concepts. This chapter gives you an overview of the basic Active Directory concepts and terminology you will need to know to work with the Active Directory.

Chapter 2: Gathering Business Data. This chapter explores the business data you will need to gather to plan your Active Directory infrastructure to meet the business needs and goals of your company.

Chapter 3: Gathering Network Data. This chapter explores the network configuration and topology data you will need to gather in order to plan for your Active Directory infrastructure. This data will help you examine how the Active Directory can work within your existing configuration or help you determine what network configuration may need to be upgraded or changed.

Chapter 4: Planning Your Active Directory Namespace. This chapter shows you how to plan your Active Directory DNS namespace.

Chapter 5: Planning Your Active Directory Domain Structure. This chapter explores your current domain and site configuration and shows you how your existing configuration can be upgraded for optimal use with the Active Directory.

Chapter 6: Planning Your Active Directory OU Structure. This chapter shows you how to plan your organizational unit (OU) structure so that it conforms to your existing and growing business model.

Chapter 7: Planning for Delegation. This chapter explores the powerful features of delegation and how they can impact your administrative model.

Chapter 8: Planning for Group Policy. This chapter introduces you to the new group policy features in the Active Directory.

Chapter 9: Getting Ready for Implementation. This chapter explores some final implementation issues you should examine, such as hardware and mixed environment issues.

Part Two: Implementing the Active Directory

Chapter 10: Installing the Active Directory. This chapter explores the installation of the Active Directory at the root domain and subdomains in your environment and how to manage the installation for each case.

Chapter 11: Setting Up OUs and Accounts. This chapter shows you how to configure your OU plan and set up Active Directory user and group accounts.

Chapter 12: Setting Up Other Objects. This chapter shows you how to set up all other Active Directory objects.

Chapter 13: Configuring and Managing Domain Controllers, Domains, and Trusts. This chapter explores domain and trust relationship configuration.

Chapter 14: Understanding Active Directory Replication. This chapter explores Active Directory replication and shows you how to manage replication.

Chapter 15: Active Directory Sites and Replication. This chapter shows you how to use the Active Directory tools to both plan and set up sites and replication between them.

Chapter 16: Setting Up Delegation and Security. This chapter shows you how to implement delegation and plan effective Active Directory object security.

Chapter 17: Implementing Group Policy. This chapter shows you how to implement your group policy plans through configuration.

Chapter 18: Active Directory Schema. This chapter explores the Active Directory schema and explains how the schema functions in an Active Directory environment.

Chapter 19: Intellimirror and Dfs. This chapter introduces you to two powerful tools in Windows 2000, Intellimirror and Dfs, and how these tools can further your Active Directory implementation.

Chapter 20: Active Directory Backup and Restoration. This chapter shows you how to manage and maintain the Active Directory so its performance and operation is optimized for your network.

Appendix A: Provides a list of all worksheets presented in the book.

Appendix B: Provides information about additional Active Directory tools you may find helpful.

About the Case Study

Beginning in Chapter 2, you find a case study at the end of most chapters. In the case study, a fictitious company, Bankston-Lewis, plans and implements an Active Directory infrastructure for their business. If you are a quick reader like me, you may have a tendency to skip over the case study, but you will learn just as much from the case study as the chapter content. Also, you will see a variety of templates used in the case study to help you plan your implementation. These templates are available on the CD-ROM at the back of the book and in Appendix A, so you can use them as worksheets.

About the CD-ROM

The CD-ROM contains templates that you can use to help you plan your Active Directory infrastructure. You can see the templates used in the case study sections at the end of each chapter, and the blank templates on the CD-ROM are yours to print out and use as worksheets.

Author's Note

Numerous examples of company planning and implementation are used in this book, both within the chapters and in the case study. All of these companies are fictitious and no relation to any real companies is implied or intended.


Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020