Active Directory Best Practices - Ten Years Later
Рет қаралды 47,520
7 жыл бұрынThis is not my video and I take no ownership of this video. If the owner contacts me to take it down, I definitely will oblige. I've tried to contact Dan Holme directly and indirectly through a Microsoft Rep on Spiceworks but I've had no response. I can't find this video anywhere else so I posted my copy. It has GREAT information that should be shared with the world.
@KanchanaRandika 5 жыл бұрын
I learned a lot in less than one hour. Brilliant presentation from Dan. Thank you for uploading!
@AllenOlayiwola 4 жыл бұрын
Never thought the MMC was this good, amazing video! Thanks for sharing.
@GamingCentralTV1 5 жыл бұрын
This is a gem microsoft vid
@reveng6705 Жыл бұрын
Many if not all stuff that is discussed in this great video also applies to AD running on Server 2019. Thanks for your work, Adam
@Adamj_1 Жыл бұрын
And Server 2022...anything on prem.
@jerryxie777 5 жыл бұрын
Great demo,I find that there are a lots of skills I don't know. Thank you😀
@andrecinelli 3 жыл бұрын
2021... Thank you!
@Kent21F1 5 жыл бұрын
wow ! great video !
@hisgreatness2 5 жыл бұрын
very good video!
@vasylvolyk Жыл бұрын
Useful. Thanks!
@jerryxie777 4 жыл бұрын
Thanks for your sharing, is there any new update skill for ad in windows 2019? I'm looking forward to that🥰
@karolkula9166 2 жыл бұрын
[Q] Where I could find more about implementation of "notification based replication between the sites"?
@ilishmaach 6 жыл бұрын
Do you have the script to extend the schema and assign computer ownership to users?
@Adamj_1 6 жыл бұрын
Please see my blog post at www.ajtek.ca/guides/role-based-access-security/
@dj9choco 2 жыл бұрын
Dude, i never thought a regular user will fit my env because im the only it employe, and i manage all the network, computers and erp. but with the mmc properly tweaked will be safe and easy to manage all the env
@Adamj_1 2 жыл бұрын
Yep. Separate Admin and Regular User - even for the single IT person (I'd also argue especially for the single IT person)
@bradzima1779 Жыл бұрын
I don't suppose you have a copy of the slide deck from this presentation?
@Adamj_1 Жыл бұрын
I do not. Sorry. Only the RBAC scripts on www.ajtek.ca/guides/role-based-access-security/
@tkazi Жыл бұрын
A monochrome PDF version of these are available at the following Microsoft download URL. I couldn't find the color version of these. download.microsoft.com/download/e/a/7/ea75457b-65d0-481c-b53b-d7ca2ae7ee08/s2b%20-%209.pdf
@aleJohnny 3 жыл бұрын
I love you.
@omarionrobinson4020 2 жыл бұрын
So blunt 😍
@gareginasatryan6761 4 жыл бұрын
I don’t know if he’s conflating domains with trees. Because while multi tree forests have decreased in popularity, his claim that “single domain forests” are the rage is flat out untrue. Most enterprises I’ve seen have multiple levels of subdomains.
@andreas956 4 жыл бұрын
Propably differs depending on your location and field. In my experience, a majority of my clients have had single domain forests.
@xerr0n 4 жыл бұрын
@@andreas956 the presentation is old, in the end hes talking about hoping that people enjoyed students to business 2011. Also note the server 2008 references in the video.....
@chancemanning8418 2 жыл бұрын
Edit: Please take my opinion with a grain a salt. Different Environments will work better with different OU structure. Great video. Not exactly sure how that OU structure shown around minute 10-11 would be best practice? It’s not very efficient for identifying users. Having All system users under a single OU then separating out by Security Groups seems to defeat the purpose of creating any OU in general. Identity Management should be a key component when organizing your AD.
@chancemanning8418 2 жыл бұрын
Having OU structure of departments OR regions of those users and computers would seem to be a better fit for deploying GPO. Security groups should be identified before hand and then be made to how granular you want to make security rules. Those groups could be placed within the OUs to organize them. But then again, the set up of OUs really isn’t that important, as long as it’s standardized and capable of identity management of your users.
@Adamj_1 2 жыл бұрын
See the video at part 43:30 to the end. You MANAGE via saved queries. For example You couldn't care if Joe Smith was in whatever department OU that you've created, you want to have your HelpDesk team reset his password. If you create your setup like in the video, management is SIMPLE and you set the permission ONCE. If you do it the way you're saying - creating department OUs and the like, you must grant access to reset passwords in MULTIPLE OUs instead of just the 1...
@julianhamann4925 Жыл бұрын
@@Adamj_1 Hey Adam, if I add a taskpad view to a saved query and then open the saved .msc as a different user (to delegate administration) then the taskpad view for the saved query is no longer visible. I have been unable to fix this issue. Is there something you need to do in order to have taskpad views in a saved query usable by other admins?
@Adamj_1 Жыл бұрын
@@julianhamann4925 Just tested this - Saved a taskpad and a saved query and a taskpad to a saved query and all 3 are showing up properly when executing on a different physical server VM, different user account as a delegation would. Not sure what you are experiencing as I can't replicate it.
Eli the Computer Guy
Рет қаралды 1,7 МЛН
Kindson The Tech Pro
Рет қаралды 141 М.
Black Hills Information Security
Рет қаралды 34 М.
Microsoft Ignite
Рет қаралды 6 М.