IT tutorials
 
Applications Server
 

Administering Active Directory 2008 : Creating and Managing Active Directory Objects (part 2) - Managing Object Properties

12/7/2014 8:21:38 PM
- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire

2. Managing Object Properties

Once you've created the necessary Active Directory objects, you'll probably need to make changes to their default properties. In addition to the settings you made when you were creating Active Directory objects, you can configure several more properties. In addition, you can access object properties by right-clicking any object and selecting Properties from the pop-up menu.

Each object type contains a unique set of properties.

2.1. User Object Properties

The following list describes some of the properties of a user object.

  • General: General account information about this user

  • Address: Physical location information about this user

  • Account: User logon name and other account restrictions, such as workstation restrictions and logon hours

  • Profile: Information about the user's roaming profile settings

  • Telephones: Telephone contact information for the user

  • Organization: The user's title, department, and company information

  • Member Of: Group membership information for the user

  • Dial-In: Remote Access Service (RAS) permissions for the user

  • Environment: Logon and other network settings for the user

  • Sessions: Session limits, including maximum session time and idle session settings

  • Remote Control: Remote control options for this user's session

  • Terminal Services Profile: Information about the user's profile for use with Terminal Services

  • COM+: Specifies a COM+ partition set for the user

2.2. Computer Object Properties

Computer objects have different properties than user objects. Computer objects refer to the systems that clients are operating to be part of a domain. The following list describes some computer object properties.

  • General: Information about the name of the computer, the role of the computer, and its description

    You can enable an option to allow the Local System Account of this machine to request services from other servers. This is useful if the machine is a trusted and secure computer.

  • Operating System: The name, version, and service pack information for the operating system running on the computer

  • Member Of: Active Directory groups that this Computer object is a member of

  • Location: A description of the computer's physical location

  • Managed By: Information about the User or Contact object that is responsible for managing this computer

  • Dial-in: Sets dial-in options for the computer

2.3. Setting Properties for Active Directory Objects

Now that you have seen the various properties that can be set for the Active Directory objects, let's go through an exercise on how to configure some of these properties.

Exercise 2 walks you through how to set various properties for Active Directory objects. In order to complete the steps in this exercise, you must have first completed Exercise 1.

Although it may seem somewhat tedious, it's always a good idea to enter as much information as you know about Active Directory objects when you create them. Although the name Printer1 may be meaningful to you, users will appreciate the additional information when they are searching for objects.


Exercise 2: Managing Object Properties

  1. Open the Active Directory Users And Computers tool.

  2. Expand the name of the domain, and select the RD container. Right-click the John Q. Admin user account, and select Properties.

  3. Here, you will see the various Properties tabs for the User account. Make some configuration changes based on your personal preferences. Click OK to continue.



  4. Select the HR OU. Right-click the All Users group, and click Properties. In the All Users Properties dialog box, you will be able to modify the membership of the group.



    Click the Members tab, and then click Add. Add the Maria D. President and John Q. Admin User accounts to the Group. Click OK to save the settings and then OK to accept the group modifications.

  5. Select the Sales OU. Right-click the Workstation1 Computer object. Notice that you can choose to disable the account or reset it (to allow another computer to join the domain under that same name). From the right-click menu, choose Properties. You'll see the properties for the Computer object.

    Examine the various options and make changes based on your personal preference. After you have examined the available options, click OK to continue.



  6. Select the Corporate OU. Right-click the Maria D. President User account, and choose Reset Password. You will be prompted to enter a new password and then you'll be asked to confirm it. Note that you can also force the user to change this password upon the next logon and you can also unlock the user's account from here. For this exercise, do not enter a new password; just choose Cancel.

  7. Close the Active Directory Users And Computers tool.


By now, you have probably noticed that Active Directory objects have a lot of common options. For example, Group and Computer objects both have a Managed By tab.

Windows Server 2008 allows you to manage many user objects at once. For instance, you can select several user objects by holding down the Shift or Ctrl key while selecting. You can then right-click any one of the selected objects and select Properties to display the properties that are available for multiple users. Notice that not every user property is available, because some properties are unique to each user. You can configure the description field for multiple object selections that include both users and non-users, such as computers and groups.

NOTE

A very important thing to think about when it comes to accounts is the difference between disabling an account and deleting an account. When you delete an account, the Security ID (SID) gets deleted. Even if you later create an account with the same username, it will have a different SID number and therefore, it will be a different account.

It is sometime better to disable an account and place it into a non-active OU called Disabled. This way if you ever need to re-access the account, you can do so.

Another object management task is the process of deprovisioning. Deprovisioning is managing Active Directory objects in the connector space . To learn more about deprovisioning, visit Microsoft's website.

As was mentioned earlier, it's always a good idea to enter in as much information as possible about an object. This allows systems administrators and users alike to get the most out of Active Directory and its properties.

 
Others
 
- Administering Active Directory 2008 : Creating and Managing Active Directory Objects (part 1) - Overview of Active Directory Objects
- Sharepoint 2010 : Windows PowerShell Remoting (part 2) - Entering a Remote Session, Running SharePoint 2010 Cmdlets Remotely
- Sharepoint 2010 : Windows PowerShell Remoting (part 1)
- Sharepoint 2010 : Windows PowerShell Scripts (part 3) - Writing Comment-Based Help Topics in Scripts,Using Functions in Scripts , Customizing Windows PowerShell with Profile Scripts
- Sharepoint 2010 : Windows PowerShell Scripts (part 2) - Executing Scripts, Using Parameters in Scripts
- Sharepoint 2010 : Windows PowerShell Scripts (part 1) - Setting the Execution Policy
- Sharepoint 2010 : Windows PowerShell Functions
- Sharepoint 2013 : Security and Policy - SharePoint Users
- Sharepoint 2013 : Security and Policy - Permissions and Permission Levels (part 2) - Creating Custom Permission Levels
- Sharepoint 2013 : Security and Policy - Permissions and Permission Levels (part 1)
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
programming4us programming4us
 
Popular tags
 
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS