Design and implement an Active Directory infrastructure (physical)

15 Articles

Configuring Hash Publication

Last Updated On : Friday, May 29, 2015You configure Hash Publication in the Group Policy Object Editor, within the Computer Configuration | Administrative Templates | Network | Lanman Server hierarchy. Double-clicking Hash Publication For BranchCache in the details pane opens the Hash Publication for BranchCache dialog box, as shown in Figure 5-9. FIGURE 5-9 Configuring […]

Configuring Password Replication Policy

Last Updated On : Friday, May 29, 2015The Password Replication Policy can be configured when the AD DS role is being configured or afterward through Active Directory Users and Computers, within the Password Replication Policy tab of the RODC’s Properties sheet, shown in Figure 5-6. FIGURE 5-6 The Password Replication Policy tab in an RODC’s […]

Modifying filtered attribute set

Last Updated On : Friday, May 29, 2015The Filtered Attribute Set (FAS) is the set of attributes not replicated to an RODC. The default FAS contains the following: – ms-PKI-DPAPIMasterKeys – ms-PKI-AccountCredentials – ms-PKI-RoamingTimeStamp – ms-FVE-KeyPackage – ms-FVE-RecoveryPassword – ms-TPM-OwnerInformation Items you place in the FAS aren’t replicated, in case the RODC is placed at […]

Delegating administration

Last Updated On : Friday, May 29, 2015Administration of an RODC can be delegated at the time of installation through a feature called Administrator Role Separation (ARS). Delegation can be done to a user or group. This user has local administrative rights (not Domain Admin rights) to perform administration tasks on the RODC. RODC delegation […]

Implementing confidential attributes

Last Updated On : Friday, May 29, 2015You can mark certain attributes as confidential within a domain. The typical reason for doing so is to prevent unauthorized individuals from seeing the data marked as confidential. To mark an attribute as confidential, you use ADSI Edit and typically the ldifde tool. ———————– NOTE: CONFIDENTIAL ATTRIBUTES Confidential […]