Information Technology Reference
In-Depth Information
For example, the Domain Admins group and the administrator account are created in this
container.
You want to be sure to protect the administrator account. You should rename the admin
account and make sure the password is complex. Protected admin accounts can make your
network safer. Every hacker knows that there is an administrator account on the server by
default. Be sure to make your network safer by protecting the admin account.
Active Directory Objects
You can create and manage several different types of Active Directory objects. The follow-
ing are specific object types:
Computer
Computer objects
represent workstations that are part of the Active Directory
domain. All computers within a domain share the same security database, including user
and group information. Computer objects are useful for managing security permissions and
enforcing Group Policy restrictions.
Contact
Contact objects
are usually used in OUs to specify the main administrative con-
tact. Contacts are not security principals like users. They are used to specify information
about individuals outside the organization.
Group
Group objects
are logical collections of users primarily for assigning security per-
missions to resources. When managing users, you should place them into groups and then
assign permissions to the group. This allows for flexible management without the need to
set permissions for individual users.
InetOrgPerson
The
InetOrgPerson object
is an Active Directory object that defines attri-
butes of users in Lightweight Directory Access Protocol (LDAP) and X.500 directories.
MSIMaging-PSPs
MSIMaging-PSPs
is a container for all Enterprise Scan Post Scan Pro-
cess objects.
MSMQ Queue Alias
An
MSMQ Queue Alias object
is an Active Directory object for the
MSMQ-Custom-Recipient class type. The Microsoft Message Queuing (MSMQ) Queue
Alias object associates an Active Directory path and a user-defined alias with a public, pri-
vate, or direct single-element format name. This allows a queue alias to be used to reference
a queue that might not be listed in Active Directory Domain Services (AD DS).
Organizational Unit
An
OU object
is created to build a hierarchy within the Active
Directory domain. It is the smallest unit that can be used to create administrative group-
ings, and it can be used to assign group policies. Generally, the OU structure within a
domain reflects a company's business organization.
Printer
Printer objects
map to printers.
Shared Folder
Shared Folder objects
map to server shares. They are used to organize
the various file resources that may be available on file/print servers. Often, Shared Folder
objects are used to give logical names to specific file collections. For example, system
Search WWH ::
Custom Search