Managing Windows Server Managing Windows Server

2003 and Active Directory 2003 and Active Directory

Best Practices Best Practices
FHFGGH FHFGGH
Tanin Noirungsee Tanin Noirungsee
TechnoIogy SpeciaIist TechnoIogy SpeciaIist
Microsoft (ThaiIand) Microsoft (ThaiIand)
What What we wiII cover: we wiII cover:
Active Directory operations and tasks Active Directory operations and tasks
DHCP operations and tasks DHCP operations and tasks
DNS operations and tasks DNS operations and tasks
WINS operations and tasks WINS operations and tasks
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
Agenda Agenda
Active Directory Operations Active Directory Operations
DHCP Operations DHCP Operations
DNS Operations DNS Operations
WINS Operations WINS Operations
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
Active Directory Operations Active Directory Operations
Microsoft Operations Framework Microsoft Operations Framework - - MOF MOF
Service LeveI Management
FinanciaI Management
Service Continuity Mgmt
AvaiIabiIity Management
Capacity Management
Workforce Management
Change Management
Configuration Mgmt
ReIease Management
System Administration
Security Administration
Service Monitoring and ControI
Job ScheduIing
Network Administration
Directory Services Administration
Print Output Mgmt
Storage Management
Service Desk
Incident Management
ProbIem Management
Active Directory Operations Active Directory Operations
MOF Team ModeI and FunctionaI RoIes MOF Team ModeI and FunctionaI RoIes
I n f r a s t r u c t u r
e
I n f r a s t r u c t u r
e
P a r t n e r P a r t n e r
S e c u r i t y S e c u r i t y
R e I e a s e R e I e a s e
S u p p o r t S u p p o r t
O p e r a t I o n s O p e r a t I o n s
Change management
Release/systems engineering
Configuration control/asset management
Software distribution/licensing
Quality assurance
Messaging operations
Database operations
Network administration
Monitoring metrics
Availability management
Enterprise architecture
nfrastructure engineering
Capacity management
Cost/T budget mgmt
Resource and long range planning
Service desk/help desk
Production/production support
Problem management
Service level management
Maintenance vendors
Environment support
Managed services outsourcers
Managed services trading partners
Software/hardware suppliers
ntellectual property protection
Network and system security
Virus and intrusion detection
Audit and compliance admin
Contingency planning
Active Directory Operations Active Directory Operations
Operating Quadrant Processes Operating Quadrant Processes
DaiIy DaiIy
Back up Active Directory Back up Active Directory
As needed As needed
Restore Active Directory Restore Active Directory
Manage a SYSVOL Manage a SYSVOL
Manage Sites Manage Sites
Recover a domain controIIer through Recover a domain controIIer through
reinstaIIation reinstaIIation
Security Security
As needed As needed
Active Directory Operations Active Directory Operations
Optimizing Quadrant Processes Optimizing Quadrant Processes
AvaiIabiIity management AvaiIabiIity management
As needed As needed
Managing the Active Directory database Managing the Active Directory database
Adding a GIobaI CataIog Adding a GIobaI CataIog
Managing the Windows Time Service Managing the Windows Time Service
Managing trusts Managing trusts
Capacity management Capacity management
As needed As needed
Removing GIobaI CataIog Removing GIobaI CataIog
Reducing workIoad on PDC emuIator Reducing workIoad on PDC emuIator
Active Directory Operations Active Directory Operations
Changing Quadrant Changing Quadrant
ReIease Management ReIease Management
As needed As needed
InstaIIing a domain controIIer for an existing InstaIIing a domain controIIer for an existing
domain domain
Change Management Change Management
As needed As needed
Removing Active Directory Removing Active Directory
Active Directory Operations Active Directory Operations
Managing Windows Time Service Managing Windows Time Service
Managing the SYSVOL Managing the SYSVOL
Reducing WorkIoad on the PDC EmuIator Reducing WorkIoad on the PDC EmuIator
Choosing Standby Operations Master Choosing Standby Operations Master
Transferring to the Standby Operations Master Transferring to the Standby Operations Master
RoIe RoIe
demonstration demonstration
Agenda Agenda
Active Directory Operations Active Directory Operations
DHCP Operations DHCP Operations
DNS Operations DNS Operations
WINS Operations WINS Operations
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
DHCP Operations DHCP Operations
Operating Quadrant Processes Operating Quadrant Processes
DaiIy DaiIy
Data backup Data backup
Service monitoring and controI Service monitoring and controI
WeekIy WeekIy
Storage resource management Storage resource management
As needed As needed
Data backup, restore and recovery Data backup, restore and recovery
DHCP Operations DHCP Operations
Support Quadrant Processes Support Quadrant Processes
DaiIy DaiIy
CIassification and initiaI support CIassification and initiaI support
Investigation and diagnosis Investigation and diagnosis
WeekIy WeekIy
Investigation and diagnosis Investigation and diagnosis
As needed As needed
ProbIem management ProbIem management
DHCP Operations DHCP Operations
Support Quadrant Processes Support Quadrant Processes
DaiIy DaiIy
CIassification and initiaI support CIassification and initiaI support
Investigation and diagnosis Investigation and diagnosis
WeekIy WeekIy
Investigation and diagnosis Investigation and diagnosis
ProbIem management ProbIem management
DaiIy DaiIy
DHCP Operations DHCP Operations
Optimizing Quadrant Processes Optimizing Quadrant Processes
MonthIy MonthIy
Managing resource and service performance Managing resource and service performance
Capacity management Capacity management
Monitoring Monitoring
AnaIyzing AnaIyzing
Performance tuning Performance tuning
Reporting Reporting
DHCP Operations DHCP Operations
Changing Quadrant Processes Changing Quadrant Processes
DaiIy DaiIy
Change cIassification Change cIassification
MonthIy MonthIy
Configuration management Configuration management
Address pooI excIusions Address pooI excIusions
Lease durations Lease durations
Reservations Reservations
DHCP Operations DHCP Operations
Data Backup, Restore and Recovery Data Backup, Restore and Recovery
Monitoring Monitoring
Proactive AnaIysis and Review Proactive AnaIysis and Review
demonstration demonstration
Agenda Agenda
Active Directory Operations Active Directory Operations
DHCP Operations DHCP Operations
DNS Operations DNS Operations
WINS Operations WINS Operations
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
DNS Operations DNS Operations
Operating Quadrant Processes Operating Quadrant Processes
DaiIy DaiIy
Perform monitoring Perform monitoring
Data backup Data backup
WeekIy WeekIy
Storage resource management Storage resource management
As needed As needed
Data backup, restore and recovery Data backup, restore and recovery
DNS Operations DNS Operations
Support Quadrant Processes Support Quadrant Processes
DaiIy DaiIy
Proactive anaIysis and review Proactive anaIysis and review
WeekIy WeekIy
Proactive anaIysis and review Proactive anaIysis and review
MonthIy MonthIy
Incident cIosure Incident cIosure
As needed As needed
ProbIem recording and cIassification ProbIem recording and cIassification
DNS Operations DNS Operations
Optimizing Quadrant Processes Optimizing Quadrant Processes
DaiIy DaiIy
Managing resource and service performance Managing resource and service performance
MonthIy MonthIy
Managing resource and service performance Managing resource and service performance
As needed As needed
Design for recovery Design for recovery
DNS Operations DNS Operations
Changing Quadrant Processes Changing Quadrant Processes
DaiIy DaiIy
Change cIassification and authorization Change cIassification and authorization
WeekIy and MonthIy WeekIy and MonthIy
Review configuration items Review configuration items
DNS Operations DNS Operations
Reviewing Configuration Items Reviewing Configuration Items
Data Backup, Restore and Recovery Data Backup, Restore and Recovery
Managing Resources and Service Performance Managing Resources and Service Performance
Proactive AnaIysis and Review Proactive AnaIysis and Review
demonstration demonstration
Agenda Agenda
Active Directory Operations Active Directory Operations
DHCP Operations DHCP Operations
DNS Operations DNS Operations
WINS Operations WINS Operations
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
WINS Operations WINS Operations
Operating Quadrant Processes Operating Quadrant Processes
DaiIy DaiIy
Data backup Data backup
Proactive anaIysis and review Proactive anaIysis and review
WeekIy WeekIy
Storage resource management Storage resource management
As needed As needed
Data backup, restore and recovery Data backup, restore and recovery
WINS Operations WINS Operations
Support Quadrant Processes Support Quadrant Processes
DaiIy DaiIy
Investigation and diagnosis Investigation and diagnosis
Proactive anaIysis and review Proactive anaIysis and review
WeekIy WeekIy
Investigation and diagnosis Investigation and diagnosis
WINS Operations WINS Operations
Optimizing Quadrant Processes Optimizing Quadrant Processes
MonthIy MonthIy
Managing resources and server performance Managing resources and server performance
Capacity management Capacity management
Monitoring Monitoring
AnaIyzing AnaIyzing
Performance tuning Performance tuning
Reporting Reporting
WINS Operations WINS Operations
Changing Quadrant Processes Changing Quadrant Processes
DaiIy DaiIy
Change cIassification and authorization Change cIassification and authorization
MonthIy MonthIy
Reviewing configuration items Reviewing configuration items
WINS Operations WINS Operations
Reviewing Configuration Items Reviewing Configuration Items
Data Backup, Restore and Recovery Data Backup, Restore and Recovery
Proactive AnaIysis and Review Proactive AnaIysis and Review
demonstration demonstration
Agenda Agenda
Active Directory Operations Active Directory Operations
DHCP Operations DHCP Operations
DNS Operations DNS Operations
WINS Operations WINS Operations
Best Practices: Best Practices:
Guide for Securing Windows Server Guide for Securing Windows Server
Active Directory InstaIIations Active Directory InstaIIations
Windows Server Windows Server 2003 2003 Active Directory Active Directory
Branch Office Branch Office
For More Information. For More Information.
Microsoft SoIutions for Management Microsoft SoIutions for Management
www.microsoft.com/business/reducecosts/efficie www.microsoft.com/business/reducecosts/efficie
ncy/manageabiIity/defauIt.mspx ncy/manageabiIity/defauIt.mspx
Microsoft Service Product Operations Microsoft Service Product Operations
Guides Guides
www.microsoft.com/technet/itsoIutions/techguide www.microsoft.com/technet/itsoIutions/techguide
/msm/winsrvmg/defauIt.mspx /msm/winsrvmg/defauIt.mspx
Best Practices: Best Practices: Guide for Securing Guide for Securing
Active Directory InstaIIations Active Directory InstaIIations
PIanning In PIanning In- -Depth Active Directory Depth Active Directory
Security Security
EstabIishing Secure Active Directory EstabIishing Secure Active Directory
Boundaries Boundaries
DepIoying Secure Domain ControIIers DepIoying Secure Domain ControIIers
Strengthening Domain and Domain Strengthening Domain and Domain
ControIIer PoIicy Settings ControIIer PoIicy Settings
EstabIishing Secure Administrative EstabIishing Secure Administrative
Practices Practices
Securing DNS Securing DNS
ADSecurity ADSecurity2003 2003doc doc
Link: Link:
http http www wwwmicrosoft microsoftcom comwindowsserv windowsserv
er er2003 2003techinfo techinfooverview overviewadsecurity adsecuritym m
spx spx
Best Practices: Best Practices: Guide for Securing Guide for Securing
Active Directory InstaIIations Active Directory InstaIIations
Best Practices: Best Practices: Windows Server Windows Server
2003 2003 Active Directory Branch Office Active Directory Branch Office
PIanning for Active Directory DepIoyment in a PIanning for Active Directory DepIoyment in a
Branch Office Environment Branch Office Environment - - Part I. Part I. 6 6 chapters chapters
Active Directory branch office pIanning process and Active Directory branch office pIanning process and
provide recommendations on how to go about it. provide recommendations on how to go about it.
TechnicaI background information to heIp you understand TechnicaI background information to heIp you understand
the rationaIe for impIementing your branch office design. the rationaIe for impIementing your branch office design.
DepIoying Active Directory in a Branch Office DepIoying Active Directory in a Branch Office
Environment Environment - - Part II. Part II. 8 8 Chapters Chapters
Procedures necessary to depIoy Active Directory in your Procedures necessary to depIoy Active Directory in your
branch office environment. branch office environment.
Scripts and UtiIities Scripts and UtiIities
Scripts and updated utiIities that you can use during the Scripts and updated utiIities that you can use during the
depIoyment process. depIoyment process.
SignificantIy simpIify some of the operations used in the SignificantIy simpIify some of the operations used in the
depIoyment process outIined in this guide. depIoyment process outIined in this guide.
Best Practices: Best Practices: Windows Server Windows Server
2003 2003 Active Directory Branch Office Active Directory Branch Office
adbodg adbodg03 03.exe (seIf .exe (seIf- -extract zip fiIe) extract zip fiIe)
Link: Link:
http http www wwwmicrosoft microsoftcom comdownIoads downIoadsdd
etaiIs etaiIsaspx?FamiIyId aspx?FamiIyId9353 9353A A4 4FF6 6- -A A8 8A A8 8- -
40 40BB BB- -9 9FA FA7 7- -
3 3A A95 95C C9540112 9540112&dispIayIang &dispIayIangen en
Session Session Summary Summary
MSM is a combination of best practices MSM is a combination of best practices
to heIp customers achieve operationaI to heIp customers achieve operationaI
exceIIence exceIIence
MOF incIudes how to pIan and depIoy MOF incIudes how to pIan and depIoy
and maintain IT operationaI processes and maintain IT operationaI processes
Each Team roIe has specific functions Each Team roIe has specific functions
and goaIs in the MOF and goaIs in the MOF
Each function and goaI pIays a key roIe Each function and goaI pIays a key roIe
to success to success
dditional Materials dditional Materials
Web Sites Web Sites
http://www.microsoft.com/soIutions/msm/techinfo/defauIt.asp http://www.microsoft.com/soIutions/msm/techinfo/defauIt.asp
http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID= http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID=8 8
4 4dfe dfe61 61e e- -fb fb7 7bb- -4673 4673- -89 89bb8 8- -55 55bcc bcc801 801bb431 431&dispIayIang=en &dispIayIang=en
http://www.microsoft.com/downIoads/detaiIs.aspx?famiIyid= http://www.microsoft.com/downIoads/detaiIs.aspx?famiIyid=6 6c c
de de6 6ee ee7 7- -5 5df df1 1- -4394 4394- -92 92ed ed- -2147 2147c c3 3a a9 9ebbe&dispIayIang=en. ebbe&dispIayIang=en.
http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID= http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID=8 8f f
dd563 563e e1 1- -af af1 1e e- -49 49bb2 2- -a a926 926- -967147 967147ab ab153 153d&dispIayIang=en d&dispIayIang=en
http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID= http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID=4 4
ed ed7 7bb8 8c c2 2- -4 4dd8 8c c- -49 49bb0 0- -936 936dd- -f f74775 74775e e69 69c c52 52&dispIayIang=en &dispIayIang=en
http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID= http://www.microsoft.com/downIoads/detaiIs.aspx?FamiIyID=0 0
e e738084 738084- -dd8 8e e1 1- -4 4eca eca- -9 9c c3 3f f- -e e3 3f f6 6a a61 61f f69 69e e1 1&dispIayIang=en &dispIayIang=en
What is TechNet? What is TechNet?
Put the right answers at your fingertips Put the right answers at your fingertips
The comprehensive coIIection of resources to heIp IT pros The comprehensive coIIection of resources to heIp IT pros
pIan, depIoy and manage Microsoft products successfuIIy pIan, depIoy and manage Microsoft products successfuIIy
MonthIy updates deIivered on DVD or CD
The definitive resource to heIp you evaIuate, depIoy and
maintain Microsoft products
TechNet
Subscription
AccessibIe at www.microsoft.com/technet
OnIine resources and community
Subscriber-onIy OnIine Services
TechNet Web Site
BiweekIy e-newsIetter
Security updates, new resources, and speciaI offers
TechNet FIash
Briefings on the Iatest Microsoft products and technoIogies
Hands-on, "how to" information
TechNet Events
and Webcasts
User Groups
Managed Newsgroups
TechNet
Communities
Where Where Can Can I Get TechNet? I Get TechNet?
Visit TechNet onIine at Visit TechNet onIine at
www.microsoft.com/technet www.microsoft.com/technet
Register for the TechNet FIash Register for the TechNet FIash
/technet/abouttn/subscriptions/fIash_register.mspx /technet/abouttn/subscriptions/fIash_register.mspx
Join the TechNet onIine forum at Join the TechNet onIine forum at
www.microsoft.com/technet/community www.microsoft.com/technet/community
Become a TechNet subscriber at Become a TechNet subscriber at
www.microsoft.com/technet/abouttn/Subscriptions www.microsoft.com/technet/abouttn/Subscriptions
Attend more TechNet events or view onIine Attend more TechNet events or view onIine
www.microsoft.com/technet/community/events www.microsoft.com/technet/community/events
For For More More Information. Information.
Main TechNet Web site at Main TechNet Web site at
www.microsoft.com/technet www.microsoft.com/technet
AdditionaI resources to support this AdditionaI resources to support this
Session page can be found at Session page can be found at
www.microsoft.com/technet/tnt www.microsoft.com/technet/tnt1 1- -106 106
Microsoft Learning Microsoft Learning
Training Resources for IT ProfessionaIs Training Resources for IT ProfessionaIs
Managing and Maintaining a Microsoft Managing and Maintaining a Microsoft
Windows Server Windows Server 2003 2003 Environment Environment
Course Number: Course Number: 2273 2273
AvaiIabiIity: Now AvaiIabiIity: Now
DetaiIed SyIIabus: DetaiIed SyIIabus:
www.microsoft.com/Iearning www.microsoft.com/Iearning
To Iocate a training provider, pIease access To Iocate a training provider, pIease access
www.microsoft.com/Iearning www.microsoft.com/Iearning
ssess your Readiness ssess your Readiness
Microsoft SkiIIs Assessment Microsoft SkiIIs Assessment
What is Microsoft SkiIIs Assessment? What is Microsoft SkiIIs Assessment?
SeIf SeIf- -study Iearning tooI to evaIuate readiness for product and study Iearning tooI to evaIuate readiness for product and
technoIogy soIutions, instead of job technoIogy soIutions, instead of job- -roIes (certification) roIes (certification)
indows Server indows Server 2003 2003, , Exchange Server Exchange Server 2003 2003, indows Storage , indows Storage
Server Server 2003 2003, Visual Studio .NET, Office , Visual Studio .NET, Office 2003 2003
Free, onIine, unproctored, and avaiIabIe to anyone Free, onIine, unproctored, and avaiIabIe to anyone
Answers the question: "Am I ready?" Answers the question: "Am I ready?"
Determines skiIIs gaps and provides Iearning pIans with Determines skiIIs gaps and provides Iearning pIans with
Microsoft OfficiaI CurricuIum courses Microsoft OfficiaI CurricuIum courses
Post your High Score to see how you stack up Post your High Score to see how you stack up
visit visit www.microsoft.com/assessment www.microsoft.com/assessment
Become a Microsoft Certified Become a Microsoft Certified
Systems Administrator (MCSA) Systems Administrator (MCSA)
What is the MCSA certification? What is the MCSA certification?
For For IT professionaIs who manage and maintain IT professionaIs who manage and maintain
networks and systems based on Microsoft networks and systems based on Microsoft
Windows Server Windows Server
How do I become an MCSA on Microsoft How do I become an MCSA on Microsoft
Windows Server 2003? Windows Server 2003?
Pass 3 core exams Pass 3 core exams
Pass 1 eIective exam or 2 CompTIA certifications Pass 1 eIective exam or 2 CompTIA certifications
Where do I get more information? Where do I get more information?
www.microsoft.com/mcsa www.microsoft.com/mcsa
Become A Microsoft Certified Become A Microsoft Certified
Systems Engineer (MCSE) Systems Engineer (MCSE)
What is the MCSE certification? What is the MCSE certification?
Premier certification for IT Premier certification for IT pros who anaIyze the pros who anaIyze the
requirements, design, pIan, and impIement the requirements, design, pIan, and impIement the
infrastructure for business soIutions based on the infrastructure for business soIutions based on the
Microsoft Windows Server System Microsoft Windows Server System
How do I become an MCSE on Microsoft How do I become an MCSE on Microsoft
Windows Windows 2003 2003??
Pass Pass 6 6 core exams core exams
Pass Pass 1 1 eIective exams from a comprehensive Iist eIective exams from a comprehensive Iist
Where do I get more information? Where do I get more information?
www.microsoft.com/mcse www.microsoft.com/mcse
Demonstrate Your Security or Demonstrate Your Security or
Messaging SpeciaIization Messaging SpeciaIization
What are MCSA/MCSE speciaIizations? What are MCSA/MCSE speciaIizations?
AIIows IT professionaIs to highIight specific expertise AIIows IT professionaIs to highIight specific expertise
within their job roIe within their job roIe
Which speciaIizations are avaiIabIe? Which speciaIizations are avaiIabIe?
MCSA: Security MCSA: Security MCSA: Messaging MCSA: Messaging
MCSE: Security MCSE: Security MCSE: Messaging MCSE: Messaging
Where do I get more information? Where do I get more information?
www.microsoft.com/mcsa www.microsoft.com/mcsa or or
www.microsoft.com/mcse www.microsoft.com/mcse
MS Press MS Press
Inside information for IT ProfessionaIs Inside information for IT ProfessionaIs
To find the Iatest titIes, visit To find the Iatest titIes, visit
www.microsoft.com/Iearning/books/ www.microsoft.com/Iearning/books/
3 3rd Party PubIications rd Party PubIications
SuppIementary pubIications for IT Pro's SuppIementary pubIications for IT Pro's
These books can be found and purchased at aII major These books can be found and purchased at aII major
book stores and onIine retaiIers book stores and onIine retaiIers