| Objectives This chapter covers the following Microsoft-specified objectives for the "Managing Users, Computers, and Groups" section of the Managing and Maintaining a Microsoft Windows Server 2003 Environment exam: Create and manage groups Create and modify groups by using the Active Directory Users and Computers console. Identify and modify the scope of a group. Manage group membership. Find domain groups in which a user is a member. Create and modify groups by using automation. For simplicity of network administration, we can create group objects and allocate resource access rights to these objects. Then by making user accounts members of the group, we can grant them the access that the group objects have been assigned.
Outline Introduction | 126 | Creating and Managing Groups | 126 | | | The Four Domain Functional Levels | 127 | | | The Three Forest Functional Levels | 128 | | | Group Type | 129 | | | Group Scope | 129 | | | | Domain Local Groups | 131 | | | | Global Groups | 132 | | | | Universal Groups | 132 | | | | Recommended Sequence of Groups | 133 | | | Default Groups | 134 | | | | Default Groups on Member Servers | 134 | | | | Default Groups in Active Directory | 136 | | | | System Groups | 137 | | | Creating and Modifying Groups by Using the Active Directory Users and Computers Console | 138 | | | Identifying and Modifying the Scope of a Group | 142 | | | Managing Group Membership | 144 | | | | Adding Accounts to Groups with Command-Line Tools | 146 | | | Finding Domain Groups in Which a User Is a Member | 148 | | | Creating and Modifying Groups by Using Automation | 149 | | | Assigning Groups | 151 | Chapter Summary | 153 | | | Key Terms | 153 | Apply Your Knowledge | 153 |
Study Strategies In studying this section, be sure to practice all the activities described. Become very familiar with Active Directory Users and Computers and creating groups. Examine the use of the default groups. Know their capabilities and limitations. You will need access to a Windows Server 2003 domain controller. Many of the tools are new, or they differ from those available in Windows 2000, so don't try to get by with a Windows 2000 domain controller. Memorize the AGDLP acronym and what it means. It is a best practice that will serve you well, both on the exam and on the job.
|