Lesson 9 - Chapter 3: Active Directory Flashcards
What is a Windows domain controller?
a type of server
What is Active Directory? What is it on?
a centralized networking database on a Windows domain controller (a type of server) that manages and maintains information about everything on the network
(user accounts, passwords, access to resources on a network)
Can a PC be part of a workgroup and a Active Directory domain?
No, it has to be one or the other
Active Directory is an integral part of what?
Windows server, it provides directory services to a Windows Server domain
What is single-sign on? (SSO)
valid domain accounts sign in once and have access to all domain resources
What type of businesses use a domain?
those with more than a dozen or so hosts
What is a domain?
a server running Windows Server controls access to network resources
How do you create a domain?
An admin creates a domain on the Windows Server system and makes it the domain controller (DC)
What is a domain controller? What is it used for?
a domain (server) that is created/assigned by an admin and used to create domain accounts for users in Active Directory
When a system joins a domain when it’s already part of a workgroup, what happens?
It automatically is removed from its workgroup
How do you log into a domain?
You enter your username when logging into a computer on a domain
Where are user accounts stored? What does it also function as?
User accounts are stored on the domain controller, which functions as the authentication server
What functions as the authentication server?
domain controller
What’s the text you input to log into a domain? (username)
(domain)backslash(domain username)
example:
totalhome\Vanessa
What’s one way to see the Active Directory?
log on directly to the domain controller and run the Active Directory Users and Computers utility
What is the Active Directory Users and Computers utility?
it’s a tool that provides basic Active Directory functions
What are organizational units? How do they appear?
they’re the domain’s organization. They show up as “folders” (not folders) under the domain name tree
In the Active Directory Users and Computers utility, what is the “Built-in” organizational unit?
stores all the built-in domain groups such as Domain Administrators and Users
In the Active Directory Users and Computers utility, what is the “Computers” organizational unit?
lists every system (from servers to workstations)
In the Active Directory Users and Computers utility, what does the “Domain Controllers” OU contain?
lists all the domain controllers
In the Active Directory Users and Computers utility, what is the “Users” OU?
stores all the non-built in users for the domain
What is the domain’s organization called?
organizational units (look like folders in the tree hierarchy)
What’s the domain equivalent of individual systems having an Administrator account?
domain administrators
What can domain administrators do in regards to joining?
join a computer to a domain
Can you promote a local user or group to a domain user or group? What would someone need to use to do this?
No, a domain admin must create a fresh new domain account on the domain controller using Active Directory Users and Computers
What happens if you create a new domain user account for a user but that user has a local PC that should be included in the domain?
you must join the PC to the domain or they won’t be able to log into the domain from their own PC
What’s a shortcut to get to the System Properties dialog box?
Start > Search for “Advanced System Settings”
Where do you go to create a new domain user account?
Active Directory Users and Computers
Where do you go to add a PC to a domain? (3 steps)
System Properties > Computer Name > Network ID
What happens if you remove a PC from a domain?
it prevents that PC from connecting to the domain in the future (they would still have their domain account and can sign in from another PC)
Where do you go to remove a PC from a domain? (6 steps)
- Domain controller
- Active Directory Users and Computers
- Right-click the computer
- Properties
- Member of Tab
- Select it > Remove
Where do domain administrators go to clean up account issues (reset passwords, unlock accounts, enable/disable)?
Active Directory Users and Computers
What are 2 common methods for setting up user accounts?
(Understand the difference for A+ exam)
- Login scripts
- Home folders
What’s a login script?
runs every time the user logs in to an Active Directory domain
(sooo many uses)
Active Directory lets you pick where you want to store user’s what?
home folders
What are home folders?
Pictures, Downloads, Documents, etc
What is required to use Active Directory’s feature to choose where to store user’s home folders?
requires the use of roaming profiles instead of local profiles
What happens every time you log onto a new pc with your (domain) user account?
Windows creates a new home folder for your domain account on that local machine
(so you have an empty home folder on that PC without a roaming profile)
What do roaming profiles allow you to do? Who sets them up?
Roaming profiles allows you to access your (populated) home folders no matter the PC you use to log into the domain (centralizes data)
Administrators set up roaming profiles on a remote server
What is folder redirection?
Administrators specify the location of the user’s home folders to a remote server rather than the local machine
What are 2 ways folder redirection can be performed?
- group policy
- manually
What is an organizational unit?
an Active Directory container
What does an organizational unit help you organize? How does it organize?
f
l
p
users and computers by function, location, and permission
(Users, Admins, Workstations, Servers, San Francisco, Dublin, Chicago, etc)
Can each OU have its own group policies? Yes or no?
Yes, and a domain can manage multiple OUs
An OU can be used to collect the members of a department or division. Can an OU also have its own administrator?
yes
What are the 2 types of security accounts that Active Directory provides?
user accounts and computer accounts
(representing a person or computer on the system)
What are the benefits of using security groups?
gives an admin the ability to assign user rights to an entire security group and configure access permissions to a system resource
What’s the difference between using the AD Group Policy utility on the server versus Local Group Policy Editor?
On the Local Editor, the settings only apply to the local machine (for that group) and when done on the server it pushes the policy out through login scripts