MCSE Active Directory

ACTIVE DIRECTOTY (AD)
ad is a db which allows you to store, find, secure, access info relating to org resources
if ad is not used, then we can use workgroup env. All user accounts are created in SAM(Security Account Manager). Each computer can have SAM. if I have ten users, one option is that I will create 10 users on all computers, that is workgroup style. But, We can define users on one Domain Control(DC) & Connect all client os to DC(CENTRALIZE ADMIN). On DC we can make all users using AD. If there are many offices, then we can add domain controler n differnet offices. DC will syncronize the databases. that means, if we create one user on DC it will b automatically created on all DC(FLEXIBILITY). AD database is extensible

benefits of ad:

centralize admin:
flexibilty
extensible
Single Sign On (SSO)->user login once and get acccess to all resources with signing in just once. That is implemented using KERBOROS
Compatible with LDAP: differnt sytem (NOVEL, UNIX, WINDOWS) can work togather. Also, MAC & LINUX can access WIN 2003 AD because they are also compatible with LDAP
Group Security: to install sw on multiple machines at same time

NEWSID.EXE -> TO CHANGE SECURITY OF SYSTEM – DOWNLOAD it FROM MS WEBSITE