MCSE Designing a Microsoft Windows 2000 Directory Services Infrastructure Readiness Review; Exam 70-219 (Pro-Certification)
Lab Objectives
After completing this lab, you will be able to
- Define an OU structure
- Define security groups
About This Lab
In this lab, you will analyze portions of the existing environment at a medium-sized company to define an OU structure and security groups.
Before You Begin
Before you begin this lab, you must be able to
- Analyze an organization's environment to define its OUs
- Analyze an organization's environment to place user accounts
- Analyze an organization's environment to define groups
Exercise 5.1: Defining an OU Structure
In this exercise, you will analyze the existing environment at a medium-sized company to define an OU structure and security groups. Review the scenario; then follow the instructions to define the OU structure and security groups.
Scenario
Your design team is planning the Active Directory infrastructure for Uncle Bob's Root Beer, a worldwide producer of a root beer soft drink. Uncle Bob's has four regional offices in Melbourne, Chicago, Berlin, and New Delhi. There are 107 bottling plants worldwide. The corporate headquarters is located in Melbourne. Each regional office has a human resources, finance, sales, production, and distribution department. In addition, Melbourne also has a new products department. Uncle Bob's infrastructure plan uses one domain.
While reading through the business and technical environment analysis documents, you note the following:
- The IT management organization in each regional office administers user accounts and user desktop configurations, manages servers, and enforces network security.
- At the corporate headquarters, some administrators have administrative authority over the entire network in order to complete performance and security audits.
- In order to keep new products secure in the competitive soft drink industry, the New Products department has its own IT management organization that administers user accounts, manages users, and enforces network security.
- Though the IT management organization in each regional office administers user accounts for the Production department, each Production department administers access to its servers.
- All users in the company use the same e-mail and word processing applications.
- The Distribution department at each regional office uses its own proprietary distribution tracking software.
- The company requires that all human resources (HR) servers be hidden from non-HR personnel.
- Each regional office staffs a help desk whose users are permitted to reset passwords.
Exercise Questions
Based on your notes, follow the instructions below to define an OU structure.
- Create an OU structure diagram for Uncle Bob's Root Beer that supports the needs indicated in the scenario.
- Complete the table below to document each OU in your design, the reason for creating it, and the users and computers that it contains.
OU created Reason created Users and computers contained in the OU ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ ____________________ Answers
Exercise 5.2: Defining Groups
In this exercise, you will design security groups to provide users with access to network resources.
Scenario
Your design team is planning the security groups needed in connection with the Production department at the Chicago regional office of Uncle Bob's Root Beer. Recall that the Production department has its own IT management organization to manage resources, including servers. Users from all departments and locations of the company must be able to access information on the servers in the Chicago Production department. The table below identifies the resources managed by the Production department, the users that require access to the resources, and the level of access they require.
| Resource | Users requiring access | Access level |
|---|---|---|
| Formulas | Chicago Production Server Administrators | Full control |
| Formulas | Chicago Production Managers | Change |
| Formulas | Chicago Production Specialists | Read |
| Formulas | All Production Managers company-wide | Read |
| Production Logs | Chicago Production Server Administrators | Full control |
| Production Logs | Chicago Production Managers | Change |
| Production Logs | Chicago Production Specialists | Read |
| Production Logs | Chicago Distribution Managers | Read |
| Production Logs | All Production Managers company-wide | Read |
| Bottling Logs | Chicago Production Server Administrators | Full control |
| Bottling Logs | Chicago Production Managers | Change |
| Bottling Logs | Chicago Production Specialists | Read |
| Bottling Logs | Chicago Distribution Managers | Read |
| Bottling Logs | All Production Managers company-wide | Read |
| Customer Service Logs | Chicago Production Server Administrators | Full control |
| Customer Service Logs | Chicago Production Managers | Change |
| Customer Service Logs | Chicago Production Specialists | Read |
| Customer Service Logs | Chicago Distribution Managers | Read |
| Customer Service Logs | All Production Managers company-wide | Read |
| Customer Service Logs | All Distribution Managers company-wide | Read |
Exercise Questions
Complete the table below to document your security group design. Include the name of each security group, the group scope, and the members of the group. Also note whether the members are individuals or list group names if the members are groups.
| Group | Scope | Members |
|---|---|---|
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
| ____________________ | ____________________ | ____________________ |
Answers