Active Directory
The creation of users on computers where the users require access is a time-consuming activity that can be addressed by the use of Active Directory in the Always Fresh network. The use of Active Directory allows the system administrators to create not only users but also groups, which are then shared with the different computers in the network. Some of the major components of Active Directory are the domains. A domain stores various resources, such as printers and folders, used in the network (Dias, 2002). When creating users in the Active Directory, the system administrator creates the users in a domain. The domain administrator is then given the right to modify the policies of the specific Domain. Once created, the users and even the groups are stored in the domain controllers (Solomon, 2019).
An Active Directory can consist of either a single or multiple domain controller (DC). The domain controllers create central locations from which the various users and group policies can be modified (Desmond et al., 2008). In the current system used in the Always Fresh network, the system administrators are required to make changes to all the computers where the users are defined when making changes to the users, such as changing the passwords. The current process of making changes to the user accounts used by Always Fresh system administrators is not required after the implementation of the Active Directory. The various management tools that are found in an Active Directory make the process of modifying user accounts easier. This is because there is a central domain controller, and any modifications made to the user accounts are applied to the various computers in the network, which removes the need for the system administrators to modify the user accounts on each computer (Solomon, 2019).
The migration from using workgroups in the Always Fresh network to the use of Active Directory requires various changes to be made in the network by the system administrator. Examples of such changes include changing the network IP settings, installing the domain controllers, and migrating the user accounts (Sinay, 2020). Various tools are available for use by the system administrators during the user accounts migration process to the Active Directory. Examples of some of the tools include the Windows User State Migration Tool (USMT), the “Moveuser.exe” utility, as well as the “Exmerge” utility (Sinay, 2020).
The current workgroup environment used by the Always Fresh network requires the system administrators to address each difference that occurs in the user accounts on the different computers used in the organization. One of the benefits provided by Active Directory is providing central domain controllers to define the various user and group policies. To identify the specific user, the Active Directory assigns a security identifier (SID), which is a unique identifier with a variable length (Desmond, 2008). Since the Active Directory ensures that no two similar security identifiers are created, each user or group in the Domain has a unique SID. The unique SID of a user is applied in all the computers in the network, unlike in the workgroup environment, where a user has a different SID on every computer (Solomon, 2019). Therefore, since Active Directory removes the need for multiple SIDs on different computers, the single SID for every user makes it possible to address any differences between user accounts on different computers.
References
Desmond, B., Richards, J., Allen, R., & Lowe-Norris, A. G. (2008). Active Directory: Designing, Deploying, and Running Active Directory. ” O’Reilly Media, Inc.”.
Dias, J. (2002). A Guide to Microsoft Active Directory (ad) Design. Department of Energy Lawrence Livermore National Laboratory.
Sinay, Y. (2020, August 20). How to migrate from Workgroup network model to Domain based model? Retrieved September 03, 2020, from https://support.microsoft.com/en-us/help/555542
Solomon, M. G. (2019). Security Strategies in Windows Platforms and Applications. Jones & Bartlett Learning.
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
Project Part 1: Active Directory Recommendations (This is from application security course)
Scenario
Assume you are an entry-level security administrator working for Always Fresh. You have been asked to evaluate the option of adding Active Directory to the company’s network.
Tasks
Create a summary report to management that answers the following questions to satisfy the key points of interest regarding the addition of Active Directory to the network:
- System administrators currently create users on each computer where users need access. In Active Directory, where will system administrators create users?
- How will the procedures for making changes to the user accounts, such as password changes, be different in Active Directory?
- What action should administrators take for the existing workgroup user accounts after converting to Active Directory?
- How will the administrators resolve differences between user accounts defined on different computers? In other words, if user accounts have different settings on different computers, how will Active Directory address that issue? (Hint: Consider security identifiers [SIDs].)
Required Resources
Internet access
Course textbook
Submission Requirements
Format: Microsoft Word (or compatible)
Font: Times New Roman, size 12, double-space
Citation Style: APA
Length: 2 to 4 pages
Self-Assessment Checklist
I addressed all questions required for the summary report.
I created a well-developed and formatted report with proper grammar, spelling, and punctuation.
I followed the submission guidelines.