Active Directory’s Ins and Outs

For a detailed look at Active Directory, peruse this technical reference.

• By Yolanda R. Reid
• February 01, 2001

If you haven’t worked with a directory service, Active Directory Services for Windows 2000 Technical Reference’s first chapter in Section One is a good place to start. It does a great job of explaining the business features of Active Directory (AD) and briefly touches on its technical aspects. But, be warned, this book isn’t written for beginners. After the first chapter the author quickly dives into how the AD service works, and the beginner may be lost by the quick transition from the first chapter to the second. (If you have worked with AD, however, Chapter 1 might prove a tad dull.)

If you’ve worked with NDS and LDAP and want to compare these with AD, this volume may be a bit disappointing. The author only briefly talks about LDAP, and NDS is discussed only in terms of migrating from NDS to AD. The author does, however, present a side-by-side comparison of AD and relational databases.

The rest of Section One is devoted to design considerations for a medium-size ore large environment. The section dedicates an entire chapter to AD and DNS, and this turned out to be one of the most concise, well-written references on Win2K DNS and its interoperability with AD that I’ve ever read. The author gives a detailed rundown on how the DNS process works within an AD environment.

Section Two really should be broken down into three subsections. The first subsection presents an in-depth description of AD that includes a planning guide; a good, but not detailed, introduction to Win2K security; an overview of the DC Promo process; and a detailed discussion of the AD Schema. The planning chapter presents useful information for those who aren’t sure where to start the deployment process. The security chapter offers a good overview but doesn’t fully cover security issues such as anonymous access, interoperability with NT 4.0 domains, or trusts.

The second subsection is dedicated to the practical implications of deploying AD. It’s a good starting point for those who are migrating from a previous NT 4.0 environment, NDS or Exchange 5.5. Meanwhile, the third subsection is a brief administrative guide covering what changes you can and can’t make after deployment. IntelliMirror and remote operating system installation also are covered.

Overall, this is a well-written, easy-to-read technical reference — as long as you have some experience with AD. The book doesn’t go into enough detail on subjects such as security and migration from NDS or Exchange 5.5. But, if nothing else, the DNS and Schema chapters make this book worth buying.