Monday 9 January 2012

Microsoft’s Active Directory Security Feature



Microsoft’s Active Directory overview

Active Directory overview
A directory is a hierarchical structure that stores information about objects on the network. A directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators. For example, AD DS stores information about user accounts, such as names, passwords, phone numbers, and so on, and enables other authorized users on the same network to access this information


Security Features of Microsoft's Active Directory


•Delegated Administration
Allows administrators to assign administrative tasks to other users, while not granting users more power than needed. Delegated administration can be assigned over specific objects or contiguous subtrees of a directory. This is a much more effective method of giving authority over the networks; rather than granting someone the all powerful Domain Administrator permissions, he or she can be given permissions for just those systems and users within a specific subtree. Active Directory supports inheritance, so any new objects inherit the ACL of their container.

•Auditing
Just as you can audit NTFS partitions, objects and containers within Active Directory can be audited. This is a useful way to determine who is attempting to access objects, and whether or not they succeed.














References

http://technet.microsoft.com/en-us/library/cc758436(WS.10).aspx
Posted by at

2 comments:

  1. waikit10 January 2012 at 07:13

    Hi Dexter,
    After reading through your post, I found out that it rather plain not much information. You did great at the start by letting your readers have an overview of what Microsoft Active Directory is about, which is a good thing to do as it always good to let your readers know what they are reading about at the start before reading the rest of the post. After that there is where you problems came in, you talk about the security features and you only provided two points to it which I think it not enough. I do believe that you have not do your research well enough as there are more security features in Microsoft Active Directory. Additonal information you can add is to compare the two different version (2000 & 2003).

    ReplyDelete
  2. Wen An Thian12 January 2012 at 22:33

    I think that your post still lack of information. However, I find the introduction very good as it provide me an overview of the active directory. There should be more explaination given to support your explaination.

    ReplyDelete

Subscribe to: Post Comments (Atom)