 |
MSSG |
UCS Toolkit |
 |
USING ACTIVE DIRECTORY AT RUTGERS
Active Directory Domains are a common way for departments to manage authentication, authorization and policy on their Windows networks at Rutgers. The standard Rutgers DNS and IP environment present some challenges to the novice AD administrator. This guide assumes a certain level of technical competence in the administration of Windows Server 2000/2003 and Windows desktop systems. In addition, you should be familiar with the technical details of IP Addresses and Subnets, DHCP, DNS, LDAP, Kerberos, and other networking and authentication technologies associated with Active Directory.
Rutgers Specific Scenarios The setup of AD at Rutgers is usually done in a departmental scenario and the central DNS and DHCP architecture is not built to accommodate a full network forest scenario. Thus, your AD environment must integrate into the RU environment using alternative setup scenarios than those presented by the default AD planning and deployment scenarios.
The full University Recommended Active Directory Setup provides technical detail for configuring your Windows Active Directory environment.
Private IP Space In some environments, it is possible to have hosts on private IP address space. In this scenario, managing your DNS for Active Directory can prove problematic. Private IP addresses should not be included in responses to DNS queries from outside hosts. See the Rutgers TD Documentation on Private IP Address Space for additional details on the standards involved. Your options with private IP space are either to not provide DNS services for hosts outside your subnet, or provide a split horizon DNS system.
General AD Resources
- Active Directory Overview - All the documents here cover best practices in planning, deployment and security auditing of your active directory site. You should read each carefully before implementing AD in any environment and check your architecture against them if you are inheriting the site from another admin.
- TechNet AD Resources for System Administrators
- Active Directory Support Center
- Securing Windows XP Pro Clients in a Windows Server Environment
- Protecting Clients from Network Attacks
- Securing Windows 2000 Pro Clients in a Windows Server Environment
|
|
© 2005 Rutgers, The State University of New Jersey. All rights reserved.