DOCSLIB.ORG

8 Group Policies

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
8 Group Policies 3930 P-08 3/12/03 10:26 AM Page 293 Chapter 8 Group Policies Windows Server 2003 offers extensive control over system configuration and user environments through a feature called Group Policy. Group Policy settings may be applied to domain, site, and organizational unit (OU) Active Directory containers, giving the administrator more granular control over system configurations and user settings. The OS adds refinements to the group policies functions but does not substantially change the administrative interface or their basic nature in Windows 2000. More than 160 new policy settings are now available in Windows Server 2003. Among the affected functionality are settings for Control Panel, error reporting, Terminal Server, Remote Assistance, networking and dial-up connec- tions, Domain Name System (DNS), network logon, Group Policy, and roaming profiles. This chapter is divided into three main sections. The first reviews the concept of group policies; the second provides a number of implementation examples; and the third explores the underlying concepts of Microsoft’s IntelliMirror. Upon com- pleting this chapter, you should have the following: • A working knowledge of group policies • The ability to establish and modify group policy properties. • The ability to apply group policies to user accounts • An understanding of IntelliMirror technology and the ability to employ it UNDERSTANDING GROUP POLICIES Since group policies are designed to apply to a great number of users, they have the potential to reduce system administration support. Once a Group Policy setting 293 3930 P-08 3/12/03 10:26 AM Page 294 294 CHAPTER 8 GROUP POLICIES is established on a user account, it is automatically applied to the desired admin- istrative unit. This facility is especially helpful when applying security policies, but it is also widely used to establish consistency in user environments. For example, through the use of group policies, an administrator can control the options avail- able on users’ desktops and the delivery of applications. Group Policy also implements the bulk of the Microsoft IntelliMirror technol- ogy. This strategy capitalizes on the centralized management of client/server sys- tems while maintaining the flexibility and convenience of the distributed computing model. For example, users can log on from anywhere in the network and preserve user profiles, application data, security requirements, application access, and backup offline files. Microsoft’s IntelliMirror, as discussed in this chapter, provides more examples and details for this technology. Group policies can be extended by third-party application vendors as well to manage desktop settings for their applications. NOTE A user planning to modify group policies must have administrative privileges for the Active Directory and associated containers. Group Policy Management and Active Directory Group Policy management is accomplished by assigning Group Policy Objects (GPOs) to specific machines, sites, domains, and OUs from the Active Directory. Applying Group Policy involves determining which users and computers require policy settings so that selected Active Directory containers can group users and computers accordingly. GPOs are then applied to the desired Active Directory con- tainers and are inherited by child containers. Windows Server 2003 follows the LSDOU model in which inheritance flows in this order: local computer (L) → site (S) → domain (D) → organizational unit (OU). The LSDOU inheritance model may seem unnatural at first (Figure 8.1). Local computer GPOs are the first applied to any user who logs on to that par- ticular system. They can be overridden by the GPOs assigned to the user’s site, which are overridden by domain GPOs, which are overridden by relevant OU GPOs. This order gives the local administrator the first chance to set the com- puter’s policies. When GPO policies are enforced, any child GPO settings applied to a system are disabled. The local computer GPOs may not enforce policies. They are the first to be set, but may be nullified by further policy inheritance. 3930 P-08 3/12/03 10:26 AM Page 295 Understanding Group Policies 295 Local Computer Local Computer Policy The order of policy inheritance flows from the Site Policy GPO local computer, Site through the site, domain, and OU. Default Domain Policy GPO EntCert2.com Domain Public Docs Engineering Policies GPO Engineer Marketing Market Policies GPO OU Policies GPO OU Sustain Develop Comp Channel OU OU Marketing Marketing OU OU FIGURE 8.1 The Order of Policy Inheritance NOTE The exception to the LSDOU model comes into play when using Windows NT 4.0 policies that are set with the Policy System Editor. These are applied before the local GPOs. In other words, if the NTConfig.pol file exists, it will be used first to apply policies. These policies may be overwritten by GPOs applied to the domain, site, and OU containers. The LSDOU model provides a reference point for determining the users and computers a GPO affects. A GPO can be applied to any of three container types: site, domain, and OU. In Figure 8.1, the Default Domain Policy GPO has been as- signed to the Entcert2.com domain, so the users and computers in that domain as 3930 P-08 3/12/03 10:26 AM Page 296 296 CHAPTER 8 GROUP POLICIES well as all OUs within it will receive these policy settings. The same GPO may also be applied to more than one Active Directory container. In the figure, the Public Docs Policies GPO is applied to both the Engineering OU and the Marketing OU. This is referred to as linking. GROUP POLICY OBJECT STORAGE Before introducing the Group Policy feature set, it is important to understand, on the local and domain levels, Group Policy storage. Local computer policies are stored on the local system in the %SystemRoot%System32\GroupPolicy directory. They are not replicated to other systems, nor do they cover the complete range of policies accessible to enterprise-wide GPOs applied to Active Directory containers. Active Directory GPO storage is a little more complicated. These policies are stored in the Group Policy container (GPC) and the Group Policy template (GPT). The GPC includes version, status, and extensions for the GPO. As discussed earlier, it may be a site, domain, or OU Active Directory object, and is synchronized with other domain controllers on its own update schedule. Small amounts of information that are modified infrequently are stored in the GPC, which is assigned a globally unique identifier (GUID), such as {31B2F340-016D-11D2-945F-00C04FB984F9}, which corresponds to a GPT. Data stored in the GPC is used to determine whether the GPO is enabled and to ensure that the correct GPT version is applied to user and computer accounts in the container. The GPT is stored on domain controllers in the %SystemRoot%\SYSVOL\sysvol\ domainname\Policies\GUID folder for domain-wide replication and access. Stan- dard folders in this directory are Adm, USER, and MACHINE. All user and computer policy settings for the GPO are stored in the GPT and synchronized on a different schedule from that of its sister GPC information. The GPT contains the raw policy settings, including security settings and software installation information. It can be thought of as the folder structure you can see when modifying a Group Policy ob- ject from an MMC snap-in, such as is shown later in Figure 8.6. REFINING GROUP POLICY INHERITANCE In addition to inheritance order, several other rules control which users and com- puters are assigned group policies. These rules allow the administrator to refine policy application: • Policy inheritance • Blocking policy inheritance • Enforcing policy inheritance • Using security groups to filter group policies 3930 P-08 3/12/03 10:26 AM Page 297 Understanding Group Policies 297 Policy Inheritance The LSDOU model discussed earlier generally describes how Group Policy inher- itance is implemented in Windows Server 2003. A clear example may shed light on how it works. In Figure 8.1 the Engineering Policies GPO applied to the Engineer- ing OU is also inherited by the Sustaining and Development OUs. This shows that whereas child Active Directory containers inherit group policies, Group Policy in- heritance does not flow upward to parent containers. Let’s dissect the example in Figure 8.2 to illustrate this flow in greater detail. Poli- cies inherited by the Marketing OU from its parents are applied to members of the Channel Marketing OU. Users and computers in the Channel Marketing OU also apply the Marketing Policies GPO and Public Docs GPO to their systems upon boot- up and logon. The Distribution Centers GPO is applied last and may override group Inherit policies from a higher-level domain, site, or local computer GPO. Marketing OU Market Policies GPO Not Enforced Public Docs GPO Not Enforced All policies are inherited and applied to child OUs. Channel Market OU No Blocking Distribution Centers GPO FIGURE 8.2 An Example of Policy Inheritance 3930 P-08 3/12/03 10:26 AM Page 298 298 CHAPTER 8 GROUP POLICIES policies previously applied to the Channel Marketing OU. Thus, the lowest-level Ac- tive Directory container has the last opportunity to override inherited policies. NOTE As levels are added to the Active Directory hierarchy, more GPOs are applied to a user account when a user logs on to the network. A vertical domain container structure generally results in additional policies applied to the user, so it will take slightly longer to log on. Also, more GPOs make it more complex to determine which policies apply to a user. A very horizontal Active Directory structure may elim- inate some of this complexity and logon delay, illustrated in Figure 8.3. Blocking Policy Inheritance and Enforcement The inheritance hierarchy can be modified by use of the Override or Enforce func- tion, which blocks inherited features associated with parent GPOs.
Load more

Recommended publications
  • Workshare Protect Installation Guide WORKSHARE PROTECT INSTALLATION GUIDE
    GUIDE Workshare Protect Installation Guide WORKSHARE PROTECT INSTALLATION GUIDE Company Information Workshare Protect Installation Guide Workshare Ltd. (UK) Workshare Inc. (USA) 20 Fashion Street 208 Utah Street, Suite 350 London San Francisco E1 6PX CA 94103 UK USA Workshare Website: www.workshare.com Trademarks Trademarked names appear throughout this guide as well as on other parts of the Workshare Protect CD. Instead of listing these here or inserting numerous trademark symbols, Workshare wishes to state categorically that no infringement of intellectual or other copyright is intended and that trademarks are used only for editorial purposes. Disclaimers The authors/publishers of the Workshare Protect Installation Guide and associated Help material have used their best efforts to ensure accuracy and effectiveness. Due to the continuing nature of software development, it may be necessary to distribute updated Help from time to time. The authors would like to assure users of their continued best efforts in supplying the most effective Help material possible. The authors/publishers, however, make no warranty of any kind, expressed or implied, with regard to Workshare programs or Help material associated with them, including the Workshare Protect Installation Guide. The authors/publishers shall not be liable in the event of incidental or consequential damages in connection with, or arising out of, the programs or associated Help instructions. Copyright © 2010. Workshare Ltd. All rights reserved. Workshare Professional and Workshare DeltaView are registered trademarks of Workshare Ltd. Workshare Compare, Workshare Protect, Workshare 3, Workshare DeltaServer, SafetyGain, and the Workshare logo are trademarks of Workshare Ltd. All other trademarks are those of their respective holders.
    [Show full text]
  • Software Deployment by GPO the Next Area to Look at Is Software Deployment Gpos
    MCITP 70-622 Exam Cram: Supporting and Troubleshooting Applications on a Associate Publisher Windows Vista® Client for Enterprise Support Technicians David Dusthimer Copyright © 2008 by Que Publishing All rights reserved. No part of this book shall be reproduced, stored in a retrieval sys- Executive Editor tem, or transmitted by any means, electronic, mechanical, photocopying, recording, or Betsy Brown otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every Development Editor precaution has been taken in the preparation of this book, the publisher and authors Box Twelve assume no responsibility for errors or omissions. Nor is any liability assumed for dam- Communications, Inc. ages resulting from the use of the information contained herein. ISBN-13: 978-0-7897-3719-9 Technical Editors ISBN-10: 0-7897-3719-1 Chris Crayton Pawan Bhardwaj Library of Congress Cataloging-in-Publication Data Mancuso, Paul. Managing Editor MCITP 70-622 exam cram / Paul Mancuso, David Miller. Patrick Kanouse p. cm. Project Editor ISBN 978-0-7897-3719-9 (pbk. w/cd) Seth Kerney 1. Electronic data processing personnel—Certification. 2. Microsoft software— Examinations—Study guides. 3. Microsoft Windows (Computer file) I. Miller, David. Copy Editor II. Title. Chuck Hutchinson QA76.3.M3245 2008 005.4’46—dc22 Indexer 2008016537 WordWise Printed in the United States of America Publishing, Inc. First Printing: May 2008 Trademarks Proofreader All terms mentioned in this book that are known to be trademarks or service marks Kathy Ruiz have been appropriately capitalized. Que Publishing cannot attest to the accuracy of this information.
    [Show full text]
  • Coreldraw Graphics Suite 12 Network Administrator Guide
    CorelDRAW® Graphics Suite 12 Network Administrator Guide The contents of this network administrator guide and the associated CorelDRAW Graphics Suite 12 software are the property of Corel Corporation and its respective licensors, and are protected by copyright. For more complete copyright information about CorelDRAW, Corel PHOTO-PAINT, or Corel R.A.V.E., please refer to the About section in the Help menu of the software. Copyright 2002–2003 Corel Corporation. All rights reserved. Corel, the Corel logo, CorelDRAW, Corel PHOTO-PAINT, Corel R.A.V.E., Corel CAPTURE, CorelTRACE, and Scrapbook are trademarks or registered trademarks of Corel Corporation and/or its subsidiaries in Canada, the U.S., and/or other countries. Microsoft, Visual Basic, Windows, and IntelliMirror are registered trademarks of Microsoft Corporation in the United States and/or other countries. Adobe Illustrator is a registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. Bitstream and Font Navigator are registered trademarks of Bitstream, Inc. InstallShield is a registered trademark of InstallShield Software Corporation. Kodak Digital Science is a trademark of Eastman Kodak Company. Novell and ZENworks are registered trademarks of Novell, Inc. WinINSTALL is a trademark of OnDemand Software, Inc. Pentium is a registered trademark of Intel Corporation. Other product, font, and company names and logos may be trademarks or registered trademarks of their respective companies. Table of contents In tro duc tion ........................1
    [Show full text]
  • Wordperfect Office X6 Deployment Guide
    Deployment Guide Introduction Welcome! This guide is intended to support you, the administrator, in deploying Corel® WordPerfect® Office X6 to your network. Are you new to network deployment? For a nontechnical introduction to the concepts and processes discussed in this guide, please see the companion Corel® Beginner’s Guide to Network Deployment. Contents Stage 1: Preparing for deployment . .2 Stage 2: Creating the server image. .6 Stage 3: Installing the software . .10 Stage 4: Maintaining the installations . .20 Appendix: Specialized deployment scenarios . .26 Conventions Please note the following conventions used in this guide. Wherever you see this You’ll find italicized text A placeholder for user-specified information, such as a path or filename bold monospace text A reference to programming syntax For more information The following resources offer additional support. For information on See the following resource deploying Corel® software: Corel Beginner’s Guide to Network concepts & processes, Deployment general advice & best practices Corel Corporation, or a specific Corel® website: Corel software product www.corel.com support for Corel software Corel® Support Services website: www.corel.com/support the Microsoft® Windows® Microsoft® website Installer (MSI) technology, which is used to install Corel software Deployment Guide Introduction 1 Stage 1: Preparing for deployment Before beginning the deployment, take the time to familiarize yourself with Highlights: your network and the software you want to deploy to it. Doing so can help Server requirements. 2 your administrative duties run as smoothly as possible. Workstation requirements . 3 In this stage Getting to know your network. .2 Getting to know the software . .2 Setting up your network accordingly .
    [Show full text]
  • Distribucion De Software
    DISTRIBUCIÓN DE SOFTWARE: VERITAS DISTRIBUCION DE SOFTWARE UNIVERSIDAD NACIONAL COLOMBIA FACULTAD DE CIENCIAS ECONOMICAS UNIDAD DE INFORMÊTICA Director: Henry Martínez Sarmiento Coordinadores: Olga Lucia Bravo Oscar Javier Silva Romero Analista de Sistemas: Peter Fonseca Buitrago Programador: Êlvaro Enrique Palacios Coordinador UVirtual: Marco Aurelio Ortiz Coordinador Hardware: Mario Eduardo Cabrera ELABORADO POR: ADELAIDA AMAYA PINZÌN MARIA ALEJANDRA ENRIQUEZ Auxiliares de Investigación: Andrés Ricardo Romero Ingrid Milena Quintero Ángela Viviana Montañez Jeffer Cañon Hernández Astrid Ximena Parra Silva Jenny Teresa Jaramillo Carlos José Acuña Daza Jhon Alexander Soto Carolina Acosta Cifuentes Johanna Bolaños Méndez Daniel Alejandro Ardila Julián Ramírez Angulo Daniel Enrique Quintero Leydi Diana Rincón Daniel Felipe Moreno Leydy Johana Poveda David Alexander Arenas Liliana Teresa Salazar David Leonardo Maldonado Meiby Viviana Uyaban Leon Diana Janneth Organista Natalia Ibeth Cifuentes Diego Fernando Rubio Sonia Janeth Ramirez Erika Patricia Rodríguez Sue Ellen Lopez Coronado Erika Milena Padilla Esther William Zuluaga Yaneth Garzon Este trabajo es resultado del esfuerzo de todo el equipo perteneciente a la Unidad de Informática. Se prohíbe la reproducción parcial o total de este documento, por cualquier tipo de método fotomecánico y/o electrónico, sin previa autorización de la Universidad Nacional de Colombia. UNIVERSIDAD NACIONAL COLOMBIA 1 FACULTAD DE CIENCIAS ECONÓMICAS UNIDAD DE INFORMÁTICA DISTRIBUCIÓN DE SOFTWARE: VERITAS RESUMEN VERITAS WinINSTALL LE es un software que permite crear paquetes Windows Installer (*.msi) para instalar las aplicaciones en los computadores del cliente empleando políticas de distribución de software de Active Directory. Los paquetes Windows Installer contienen en sí mismos, archivos de base de datos donde se archivan los requisitos e instrucciones que el Instalador de Windows usa al instalar las aplicaciones.
    [Show full text]
  • Installing Officegate with Group Policy in a Distributed Company Environment
    Installing officeGATE with Group Policy in a distributed company environment 1st of March TECH-ARROW a.s. KAZANSKÁ 5, 821 06 BRATISLAVA, SLOVAKIA TECH-ARROW, a. s. | Kazanská 5B, 821 06 Bratislava, Slovakia, EU | IČO (Company ID): 45 914 290 | IČ DPH (VAT): SK2023151284 Contact: Phone: +421 220 741 794, +421 220 741 796 | E-mail: [email protected] | www.tech-arrow.com Page 0/15 Contents How to copy officeGate_Configuration.xml using Group Policy .................................................................................. 2 Create a Group Policy Object ........................................................................................................................................... 3 Windows 2008 Server and 2012 Server .................................................................................................................... 3 Copy officeGATE_Configuration.xml to the folder AppData .................................................................................... 4 How to deploy setups using Group Policy ......................................................................................................................... 5 Create a Distribution Point ............................................................................................................................................... 6 Create a Group Policy Object ........................................................................................................................................... 7 Windows 2003 Server ..................................................................................................................................................
    [Show full text]
  • Windows 7, Enterprise Desktop Administrator
    Microsoft 70-686 Windows 7, Enterprise Desktop Administrator Microsoft 70-686 Dumps Available Here at: https://www.certification-questions.com/microsoft-exam/70-686-dumps.html Enrolling now you will get access to 183 questions in a unique set of 70- 686 dumps Question 1 You are planning to upgrade Internet Explorer. You have the following requirements: - Create a report that identifies which computers are successfully upgraded. - Do not install additional software on the client computers. You need to design a deployment method that meets the requirements. What should you do? Options: A. Use Windows Server Update Services (WSUS). B. Use Internet Explorer Administration Kit (IEAK) and Group Policy. C. Use Microsoft System Center Configuration Manager. D. Use Microsoft System Center Essentials. Answer: A Explanation: Windows Server Update Services 2.0 and above comprise a repository of update packages from Microsoft. It allows administrators to approve or decline updates before release, to force updates to install by a given date, and to obtain extensive reports on what updates each machine requires. System administrators can also configure WSUS to approve certain classes of updates automatically (critical updates, security updates, service packs, drivers, etc.). One can also approve updates for "detection" only, allowing an administrator to see what machines will require a given update without also installing that update. http://en.wikipedia.org/wiki/Windows_Server_Update_Services Question 2 Your companys network has client computers that run Windows 7. Multiple users share the computers in the shipping department. These computers reside in the Shipping Computers organizational unit (OU). https://www.certification-questions.com Microsoft 70-686 The network design is shown in the following diagram.
    [Show full text]
  • Archive Manager for Exchange 8.3
    Metalogix® Archive Manager for Exchange 8.3 Outlook Add-in Installation Guide © 2020 Quest Software Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser’s personal use without the written permission of Quest Software Inc. The information in this document is provided in connection with Quest Software products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest Software products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST SOFTWARE ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON- INFRINGEMENT. IN NO EVENT SHALL QUEST SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST SOFTWARE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest Software makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice.
    [Show full text]
  • This Video Will Provide an Introduction and Explain the Concepts to What Can Be Achieved Using Group Policy for Installation and Managing Software
    This video will provide an introduction and explain the concepts to what can be achieved using Group Policy for installation and managing software. The next video will go through how to configure Group Policy to install and manage software in your organization. 1 This video theory and concepts. Next video demonstration on how to deploy software using group policy. 2 A deployment solution should manage software throughout the software cycle. The software cycle includes the install, maintenance and retirement of the software. Group Policy is a free software solution. Other solutions like Microsoft Center Configuration Manager offer more features; however, they also cost money. 3 Group Policy Software Installation (GPSI) is the system that Group Policy uses to install software. Software can be deployed per user or per computer. No additional software is required other than a Domain Infrastructure. 4 Software can be deployed by assigning or publishing. Publishing is available only to user configuration. Assigning and publishing is available for both user and computer configuration. Publishing user: Software that is published needs to be installed by the user using the control panel. If the software supports it, the software can also be installed automatically if the user opens a file that is supported by that application. Publishing to the user also supports the ZAP file discussed later on. Assigning computer: Software assigned to the computer is automatically installed on the computer before the user logs in. Assigning User: Software that is assigned to the user is installed when the user launches the shortcut for that application. 5 Microsoft Software Installer (MSI) is a package format used by Windows Installer.
    [Show full text]
  • Roxio Secure Burn Enterprise Deployment Guide
    Roxio Secure Burn Enterprise Deployment Guide Welcome to the system administrator’s deployment guide. This guide is designed to help system administrators deploy Roxio® Secure Burn™ Enterprise in their organization. Prior to installing Roxio Secure Burn Enterprise, please ensure that all previous versions of the software have been uninstalled and that all other applications are closed. The default installation location for Roxio Secure Burn Enterprise is C:\Program Files(x86)\Roxio\Roxio Burn. This guide presents the following topics: • Installing Roxio Secure Burn Enterprise from the command prompt • Using the registry • Using the Permissions Manager • System requirements • Contact information This guide is intended only for the deployment of a multiple- user license of Roxio Secure Burn Enterprise and does not apply to other versions of the software. These instructions are designed for information technology professionals who may need to use advanced techniques to deploy Roxio Secure Burn Enterprise, or to tailor the product to fit their organization’s needs. Roxio Secure Burn Enterprise Deployment Guide 1 Individuals can simply install Roxio Secure Burn Enterprise by running the setup.exe installer program included on their installation disc or in the installation files. Setup.exe is an installer designed with a graphical user interface, and it provides all instructions necessary for normal installation. To learn how to use Roxio Secure Burn, please open the application, click the Help menu, and select from one of the available options. Installing Roxio Secure Burn Enterprise from the command prompt Roxio Secure Burn Enterprise can be installed by calling the setup.exe file from the commands prompt (Windows 7, Windows 8, Windows 8.1, and Windows 10).
    [Show full text]
  • Windows 2000 Terminal Server
    WordPerfect® Office 11 Network Administrator Guide The contents of this network administrator guide and the associated WordPerfect Office 11 software are the property of Corel Corporation and its respective licensors, and are protected by copyright. For more complete copyright information about WordPerfect Office 11, please refer to the About section in the Help menu of the software. Copyright 1996 - 2003 Corel Corporation. All rights reserved. Corel, the Corel logo, WordPerfect, Quattro Pro, Presentations, Paradox, CorelMEMO, Desktop Application Director, and PerfectExpert are trademarks or registered trademarks of Corel Corporation and/or its subsidiaries in Canada, the U.S. and/or other countries. Microsoft, Visual Basic, Windows, Windows NT, and IntelliMirror are registered trademarks of Microsoft Corporation in the United States and/or other countries. Novell is a registered trademark of Novell, Inc. Pentium is a registered trademark of Intel Corporation. Adobe, Acrobat, and Reader are registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. InstallShield is a registered trademark of InstallShield Software Corporation in the United States and/or other countries. Borland is a registered trademark of Borland Software Corporation. Other product, font, and company names and logos may be trademarks or registered trademarks of their respective companies. Table of Contents Chapter 1: Introduction ..............1 IntelliMirror - Windows 2000 Server and Advanced Server · 21 What’s included in WordPerfect
    [Show full text]
  • Active Directory Database Information That Is Stored on Each Domain Controller in a File Named NTDS.Dit
    Active Directory database information that is stored on each domain controller in a file named NTDS.dit. Active Directory builds in fault tolerance through its multi-master domain con-troller design. In a Windows Server 2003 environment, Active Directory provides fault tolerance using a multi-master replication system, where multiple servers, installed as domain controllers, share a common database In Active Directory, each object is defined in a schema. A schema is a master database that contains definitions of all objects in the Active DirectoryͶit is the Active Directory. There are two parts to the schema, object classes and attributes. The GUID is a 128-bit hexadecimal number that is assigned to every object in the Active Directory forest upon its creation. This number does not change even when the object itself is renamed. An organizational unit is a container that represents a logical grouping of resources that have similar security guidelines. OUs can contain the following objects: Ŷ Users Ŷ Groups Ŷ Contacts Ŷ Printers Ŷ Shared folders Ŷ Computers Ŷ OUs Ŷ InetOrgPerson A domain tree is a grouping of domains that have the same parental hierarchy and share part of the name of the parent domain. Each tree contains a domain family. A forest is the highest level in the Active Directory domain hierarchy. Administrative security implemented at the forest level flows down through the hierarchy to all domain trees below. In a forest, Active Directory uses directory partitions to store and replicate information The forest-wide directory partitions include the schema and configuration partitions. They are defined as follows: ɶ Schema partition Contains the rules and definitions that are used for creating and modifying object classes and attributes.
    [Show full text]