Free Windows Certification
HOME OVER VIEW TUTORIALS TESTS BOOKS CONTACT USLinks  
   
Google
 
Windows Tips
ACTIVE DIRECTORY
TCP / IP
SECURITY
RECOVERY
SYSTEM CONFIGURATIONS
PRINTING
NETWORK
RAID
RAS
SERVICE PACKS


 
Windows XP : Windows 2003 : Windows 2000
 

Active Directory

How can I let users search, but not browse, Active Directory (AD)?

You can use either a policy setting or the registry to configure AD for browsing. To use the policy setting method, perform the following steps:

  1. Open Group Policy with the Group Policy Editor (GPE).
  2. Navigate to User Configurations, Administrative Templates, Desktop, AD.
  3. Double-click "Hide Active Directory folder."
  4. Select the Policy tab.
  5. Click Enabled, and click OK.
  6. Close the policy.
To use the registry to complete the same task, perform the following steps:
  1. Start the registry editor (e.g., regedit.exe).
  2. Navigate to HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft.
  3. If the Windows key doesn't exist, click Edit, New, Key to create the key.
  4. Look for "Directory UI" under the Windows key, and if it doesn't exist, click Edit, New, Key to create the key.
  5. From the Edit menu, select New-DWORD Value.
  6. Enter a name of HideDirectoryFolder, and press Enter.
  7. Double-click the new value, set it to 1, and click OK.
  8. Close the registry editor.
How can I move multiple users between organizational units (OUs)?

You can move individual users between OUs by right-clicking the user in the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in and selecting Move. To move multiple users, perform the following steps:

  1. Start the Active Directory Users and Computers snap-in (go to Start, Programs, Administrative Tools, and click Active Directory Users and Computers).
  2. Open the OU that contains the users you want to move.
  3. Select multiple users by holding down Ctrl and selecting each user (if the users are in sequence, you can select them all by left-clicking the first name, holding down Shift, then left-clicking the last name).
  4. Right-click the last user you selected, and select Move from the context menu.
  5. Select the destination OU, and click OK.
How can I move the ntds.dit file?

The ntds.dit file contains the Active Directory (AD) data for your domain and is stored in the %systemroot%\ntds folder. This file can become very large. To improve performance you might want to move this file to a faster drive. To do so, perform the following steps:

  1. Restart the domain controller (DC).
  2. Press F8 at the Startup menu when the system displays the list of OSs.
  3. Select Directory Services Restore Mode.
  4. Select the appropriate installation, if more than one exists, and then log on as an administrator at the logon prompt.
  5. Start a command prompt (Start, Run, cmd.exe).
  6. Start the NTDS utility, ntdsutil.exe.
  7. At the ntdsutil prompt, type "files" as shown below:

    ntdsutil: files

  8. At the file maintenance prompt, type the following:

    file maintenance: move DB to

  9. To view the database, at the file maintenance prompt, type "info" as shown below:

    file maintenance: info

  10. To verify the integrity of the database at its new location, at the file maintenance prompt, type "integrity" as shown below:

    file maintenance: integrity

  11. Type "quit" (without the quotation marks) twice to return to a C prompt.

  12. Restart the computer in Normal mode.

 1   2    3    4    5    6   7    8    9    10    11    12    13    14   [>>]