Active Directory Exposed

A prerequisite read for anyone planning an AD implementation.

Daniel Blum's Understanding Active Directory Services is a prerequisite read for anyone beginning the process of planning an AD implementation in his or her enterprise. Beginning with chapter 1, the author describes the definition of a directory and its role in the enterprise. He presents a chapter-by-chapter roadmap describing the yield of your reading investment and then dispenses with the overview material and begins the tour of the AD.

After an excellent overview of LDAP, DNS, and Microsoft's use of both technologies in the AD, the author then goes on to present a brief overview of LDAP search mechanisms and the available APIs for programmatic manipulation of an LDAP namespace in chapter 2.

Next, he describes the high-level concept of the Microsoft Windows DNA application architecture to begin chapter 3. For those interested in how the AD will affect enterprise development, a reasonable overview of COM, DCOM, and middleware technologies is also presented.

Blum then keenly describes the AD components that stray away from the LDAP standards in chapter 4 through a discussion on domains, trees, forests, and the global catalog.

In chapter 5, the author takes a temporary departure from the theoretical realm by presenting a high-level overview of the installation of Windows 2000. However, instead of continuing on this practical track, the author gives a good overview of ADSI in chapter 6 but the writing remains too steeped in theory to adequately describe the robust nature of the ADSI with sufficient integrity.

In chapter 7, Blum presents some advice and methodologies you can employ to plan an AD namespace in your own enterprise, but focuses a bit too heavily on the importance of directory schema. As a result of this tangent, a vital element in planning a namespace isn't covered until chapter 9, causing the reader to lose focus on the importance of replication in the design of a namespace. Luckily, Active Directory Replication and Sites are covered in excellent detail in chapter 8, and the author even includes the often-omitted topics of meta-directory replication and multi-vendor directory replication.

The security mechanisms found in the AD are covered in sufficient detail in chapter 9 through careful attention to trusts, Kerberos authentication and PKI. In the latter section of chapter 9, the reader is presented with information on the role security descriptors play on the AD, which the author aptly uses to segue into a discussion of inheritance and delegation of authority for Active Directory objects and attributes.

In its final chapter, the book presents a valuable mix of theory and practical methodologies you can use to migrate an existing Windows NT infrastructure to Windows 2000.

In addition to the usual glossary and comprehensive index found within most technical titles on the shelf, this volume also features a one-sentence summary of each paragraph found in the text within the margins of each page. For those short on time, this can be an excellent way to get a quick understanding of the contents of the text for later review or to reinforce a concept long after the chapter was read.

Without a doubt, those in the early stages of planning an AD namespace will find Daniel Blum's book to be an invaluable cover-to-cover read.

About the Author

Thomas Eck, MCSE+I, MCSD, ASE, CCA, CAN, is a specialist with Perot Systems Corp., currently assigned as a systems architect, developer and project manager for a major European investment bank. Thomas is also the author of Windows NT/2000: ADSI Scripting for System Administration (New Riders).


  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus