MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide (70-297)
Chapter 1: Analyzing the Administrative Structure
- Figure 1.1: A departmental model organization chart
- Figure 1.2: The project-based model
- Figure 1.3: The product/service-based model
- Figure 1.4: Centralized administration with centralized resources
- Figure 1.5: The centralized administration/decentralized resources approach
- Figure 1.6: The decentralized administration model
- Figure 1.7: Hybrid administration model for delegation of remote resources
- Figure 1.8: Hybrid administration model for control of corporate standards
- Figure 1.9: Outsourced administration model
- Figure 1.10: Multiple domains for separation of administrative control
- Figure 1.11: Multiple forest structure
- Figure 1.12: OUs designed for administrative control
Chapter 2: Determining Business and Technical Requirements
- Figure 2.1: A sample network diagram using Visio
- Figure 2.2: A sample Connection Type form
- Figure 2.3: A sample Subnet Allocation form
- Figure 2.4: Nontransitive trust relationships
- Figure 2.5: Windows NT 4 domain structure
- Figure 2.6: Administrative delegation
- Figure 2.7: Windows 2000 Active Directory administration document
Chapter 3: Designing the Active Directory Forest Structure
- Figure 3.1: Domain administrative collaboration
- Figure 3.2: Forest administrative collaboration
- Figure 3.3: Domains built for data or service autonomy
- Figure 3.4: Forest designed for isolation
- Figure 3.5: Organization-based forest
- Figure 3.6: Isolated organization-based forest
- Figure 3.7: Resource forest
- Figure 3.8: Restricted-access forest
- Figure 3.9: Flowchart to determine isolated or autonomous control
Chapter 4: Designing the Active Directory Domain Structure
- Figure 4.1: Single domain used for centralized administration/centralized resources
- Figure 4.2: Single domain used for centralized administration/decentralized resources
- Figure 4.3: Single domain using OUs for decentralized administration
- Figure 4.4: Single domain using OUs for hybrid administration
- Figure 4.5: Single domain using OUs for outsourced administration
- Figure 4.6: Regional domain model
- Figure 4.7: Using multiple trees within the forest
- Figure 4.8: Trust path within a forest
- Figure 4.9: Shortcut trust path
- Figure 4.10: Comparison of the Windows NT 4.0 domains and the upgraded Active Directory structure
- Figure 4.11: Empty forest root and upgraded MUDs
- Figure 4.12: Upgrading Windows NT 4 to Windows 2003 Active Directory
- Figure 4.13: Windows NT 4.0 restructure
Chapter 5: Designing an Organizational Unit Structure for Administrative Purposes
- Figure 5.1: OU structure based on Location
- Figure 5.2: OU structure based on Organization
- Figure 5.3: OU structure based on Function
- Figure 5.4: OU structure based on Location, then Organization
- Figure 5.5: OU structure based on Organization, then Location
- Figure 5.6: OU design for administrative purposes
- Figure 5.7: OU design with OU created to control visibility
- Figure 5.8: The OU structure after top-level OUs have been created
- Figure 5.9: The OU structure after permissions have been delegated
- Figure 5.10: Migrating NT 4 MUD to OU, keeping the same administrative groups
Chapter 6: Designing Organizational Units for Group Policy
- Figure 6.1: The Group Policy tab after the Group Policy Management Console is added.
- Figure 6.2: Group Policy Objects within the GPMC
- Figure 6.3: Group Policy Modeling
- Figure 6.4: WMI filter for detecting adequate drive space
- Figure 6.5: OU structure enhanced for Group Policy application
- Figure 6.6: Corporate Standards GPO enforced at the domain level
- Figure 6.7: Corporate Standards affecting the Accounting OU
- Figure 6.8: Priorities for GPOs attached to the Accounting OU
- Figure 6.9: Processing order for GPOs at the Accounting OU
- Figure 6.10: Delegation tab for an OU
Chapter 7: Designing Accounts Access and Management
- Figure 7.1: The Default Domain Policy password policies
- Figure 7.2: The Default Domain Policy lockout settings
- Figure 7.3: Example of AGLP
- Figure 7.4: Example of AGDLP
- Figure 7.5: Example of AGUDLP
- Figure 7.6: Nesting groups for efficient resource access
Chapter 8: Designing the Site Topology
- Figure 8.1: Network map
- Figure 8.2: Multiple domain network map
- Figure 8.3: Site design layout
- Figure 8.4: Determining the nearest site
- Figure 8.5: Site design to support application requirements
- Figure 8.6: Replication schedules based on site links
- Figure 8.7: Site Link Bridge
Chapter 9: Designing Remote Access
- Figure 9.1: Network access hierarchy
- Figure 9.2: Example of the core tier
- Figure 9.3: Example of the distribution tier
- Figure 9.4: Example of the access tier
- Figure 9.5: Example of the bastion host firewall solution
- Figure 9.6: Example of the three- homed firewall solution
- Figure 9.7: Example of the back-to-back firewalls solution
- Figure 9.8: IP address allocation
Chapter 10: Analyzing Name Resolution
- Figure 10.1: Using the same domain name internally and externally
- Figure 10.2: Using a separate domain name internally than is used externally
- Figure 10.3: DNS server placement to support username resolution queries
- Figure 10.4: WINS hub-and-spoke-replication-topology
- Figure 10.5: WINS linear replication topology
- Figure 10.6: Multi-level WINS hub-and-spoke topology
- Figure 10.7: DNS servers in perimeter network