Announcement

Collapse
No announcement yet.

AD Newbie Question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Newbie Question

    Hi All

    Well after a long struggle of me not wanting to learn AD I have now discovered that implementing an AD will make my life easier with managing all machines within our organisation (Over 40 Machines)

    Here are my newbie questions, first of I am reading Active Directory Resource Book to get to grips, and understand that it will take some time to get GPO setup right for us.
    I am planning on getting AD right so will be testing it first, this may take several weeks or months depending on how easy I find things. (Windows 2008 Standard)

    1) Should I allow the server to have the WSUS role before the AD is live, will this mean a re-configure for machines once AD is in place? Is it compatible?

    2) Print server is also needed and again should this even be installed as I semi-understand that AD has some sort of network printer manager? Unsure if this was the Print role attached?

    Any tips on AD for planning stage would be great.
    Andy

  • #2
    Re: AD Newbie Question

    Originally posted by Flux
    1) Should I allow the server to have the WSUS role before the AD is live, will this mean a re-configure for machines once AD is in place? Is it compatible?
    I'm afraid I don't have too much experience with Server 2008, but if the WSUS role works much like a regular WSUS server, hold off until the AD is totally implemented, as it should install an Administrative Template for controlling the WSUS server through AD. Having these policies flow down to client machines will be far easier than attempting to add the settings manually to that many machines. With the policy, you'll be able to tell all the client machines where to go for updates when they use Automatic Updates. Computers that you apply the policy to should automagically connect to the WSUS server and get the updates you've approved.
    Originally posted by Flux
    2) Print server is also needed and again should this even be installed as I semi-understand that AD has some sort of network printer manager? Unsure if this was the Print role attached?
    Once you share the first printer on the server, it will add the Print Server role. From there, you'll be able to choose to publish the printers in AD, which means that client machines will be able to search the directory for printers that they can install, and automatically install the drivers that you have added.
    Originally posted by Flux
    Any tips on AD for planning stage would be great.
    When I first started managing an AD network, everything was still set up in the Users container that comes by default. I ended up making OUs to put each division in - it greatly simplifies GP application and planning if you have separate OUs for each logical division that contain both the user accounts and the computer accounts. That way, policy is sure to be applied to who you want, rather than attempting to filter it using security groups or WMI.
    Don't fool yourself. If you truly feel passionate about something, you will do whatever it takes. If you don't, you'd better get busy pursuing happiness, because it's all you've got.

    Comment


    • #3
      Re: AD Newbie Question

      Thanks for answering that.

      Another question and may have nothing to do with AD.

      What is user CALs, is a CAL required for each user on AD?

      Comment


      • #4
        Re: AD Newbie Question

        User CALs give an individual user permission to connect to servers in AD
        You have a number of options:

        Server CALs allow up to x users to connect to a single server
        User CALs allow a user to connect to all servers in the domain
        Device CALs allow a device to connect to all servers in the domain

        In general, unless you are e.g. a school with more users than computers, user CALs are the most flexible

        And yes, you need the appropriate number of CALs for your organisation or Bill Gates will decide to "buy you out"
        Last edited by Ossian; 23rd April 2009, 12:48.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: AD Newbie Question

          So I cannot deploy AD DS on Windows Server 2008 to my users without getting a CAL for each user (only 3 machines have more users on them)?

          I presumed it was free to run and add users to the AD DS?

          Comment


          • #6
            Re: AD Newbie Question

            please check this out:
            http://www.learnlicensing.com/
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: AD Newbie Question

              I have now purchased the CAL's and moving forward.

              Comment

              Working...
              X