MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide (70-297)
-
A
- account/discretionary access control list (A/DACL)
-
Resource access method that enters the account directly into the discretionary access control list of an object to either allow or deny access.
- Account group
-
Term used to describe an Active Directory group object that is used to organize user accounts that have the same resource access requirements.
- Account group/discretionary access control list (AG/DACL)
-
Resource access method that uses global groups and includes them in the discretionary access control list of the object to which the users need access.
- Account group/Resource group (AG/ RG)
-
Resource access method that nests global groups within domain local or local groups in order to allow user accounts to have access to resources.
- Account Lockout Duration setting
-
The setting used to determine the amount of time that an account will remain locked after a prespecified number of bad passwords has been attempted to log on to a user account. If set to 0, the account will remain locked out until an administrator unlocks the account.
- account lockout restrictions
-
The settings that specify when an account should be locked when the password is entered incorrectly. These security measures protect from brute force or dictionary attacks.
- Account Lockout Threshold setting
-
The setting used to set the number of failed logon attempts that are allowed before the account is locked out.
- account OUs
-
Organizational units that are created to hold User, Group, and Computer accounts.
- account policies
-
The password, lockout, and Kerberos policies. These policies can be applied at the domain level or on a stand-alone system.
- Active Directory “integrated zones
-
DNS zones that have the resource record information stored in Active Directory. These require a DNS server that is also a DC. The DNS zone data is then replicated to other Active Directory “integrated DNS servers via Active Directory replication.
- Active Directory Migration Tool (ADMT)
-
A utility that administrators can use to move accounts from one domain to another. This tool can be used to move accounts between Windows NT, Windows 2000, and Windows Server 2003 domains.
- A/DACL
-
See account/discretionary access control list (A/DACL) .
- ADMT
-
See Active Directory Migration Tool (ADMT) .
- AG/DACL
-
See Account group/discretionary access control list (AG/DACL) .
- AG/RG
-
See Account group/Resource group (AG/RG) .
- alternate IP addressing
-
IP addressing option that allows an administrator to enter an IP address into a DHCP client that will be used whenever the DHCP client cannot obtain an IP address from a DHCP server. This IP address will be used instead of APIPA.
- APIPA
-
See automatic private IP address (APIPA) .
- attributes
-
Properties of an Active Directory object.
- authoritative zone transfer (AXFR)
-
DNS zone transfer that sends the entire zone datafile to another DNS server in order to keep it updated.
- automatic private IP address (APIPA)
-
An address that is automatically generated by a DHCP client when it is unable to obtain an IP address and it is not configured to use an alternate IP address.
- automation tools
-
Tools that allow an administrator to remotely administer computers
- autonomous model
-
This model lets you have control over resources so that administrators from outside of your domain, with the exceptions of the forest-level administrators, will not have any control over resources within your domain.
- AXFR
-
See authoritative zone transfer (AXFR) .