Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
73 Cards in this Set
- Front
- Back
|
ACE
|
Access control entry
|
|
|
ACL
|
Access Control lists
|
|
|
Activate Windows Server
|
Cscript C:\windows\system32\slmgr.vbs-ato
|
|
|
add server Core roles, components or features
|
Ocsetup.exe <component> /switch
|
|
|
ADSI
|
Active Directory Services Interface used by Windows PowerShell
|
|
|
Authentication
|
The mechanism by which an identity is validated by comparing secrets such as passwords provided by the user or computer to secrets maintained in the identity store
|
|
|
CN
|
Common Name
|
|
|
CSVDE
|
a command-line tool that imports or exports Active Directory objects from or to a comma-delimited text file.
|
|
|
DACL
|
Discretionary access control list
|
|
|
DC
|
Domain Controller
|
|
|
dll
|
Dynamic Link Library
|
|
|
DN
|
Distinguished name
|
|
|
DNS
|
Domain name system
|
|
|
Domain
|
An administrative unit of Active Directory. With a domain , all domain controllers replicate information about objects such as users,, groups and computers in the domain
|
|
|
DS Commands
|
Most of the DS commands take two modifies after the command itself: the object type and the object's DN
|
|
|
DSAdd
|
creates an object in the directory IE dsadd user "user DN" -samid pre-windows 2000 logon name -pwd {Password | *} -mustchpwd yes
|
|
|
DSGet
|
returns specified attributes of an object
|
|
|
DSMod
|
Modifies specified attributes of an object
|
|
|
DSMove
|
moves and object to a new container or OU
|
|
|
DSQuery
|
performs a query based on parameters provided at the command line and returns a list of matching objects
|
|
|
DSRM
|
Removes and object, all objects in the subtree beneath a container object or both
|
|
|
forest
|
the boundary of an instance of Active Directory. A forest contains one or more domains. All domains in the forest replicate the schema and configuration partitions of the directory.
|
|
|
Forest root domain
|
the first domain created in a forest
|
|
|
functional level
|
A setting that determines which features of Active Directory are enabled within a domain or forest. The functional level limits the versions of Windows that can be used by domain controllers in a domain or forest.
|
|
|
global catalog or partial attribute set
|
A partition of the Active Directory data store that contains a subset of attributes for every object in the Active Directory forest. The global catalog is used for efficient object queries and location.
|
|
|
Groups
|
provide permissions
|
|
|
identity store
|
A database of information regarding users, groups, computers, and other security principals. Attributes stored in an identity store include user names and passwords
|
|
|
Join a domain
|
Netdom join %computername% /domain:
|
|
|
Kerberos
|
A standard protocol used by Active Directory for authentication
|
|
|
LDAP
|
Lightweight Directory Access Protocol
|
|
|
LDIFDE
|
Lightweight Directory Access Protocol Data Interchange Format is a draft internet standard for file format that can perform batch imports and exports of active directory objects including users. -i import -f filename to import to or from
|
|
|
MMC
|
Microsoft Management Console
|
|
|
Namespace
|
A folder on a disk - a hierarchy that can be navigated Like a disk volume letter name or Mapped drive.
|
|
|
organization units
|
are administrative containers within Active Directory that are used to collect objects that share common requirements for administration, configuration or visibility.
|
|
|
OU
|
Organizational Unit
|
|
|
Providers
|
Namespaces are created by providers, which can be thought of as drivers. Example file system has a provider as does the registry. Powershell can access and manipulate in the namespaces of those providers.
|
|
|
Psdrives
|
Windows Powershell namespaces from any provider can be represented as PSDrives Windows PowerShell automatically creates a PS Drive for each drive latter already defined by Windows
|
|
|
SACL
|
System Access Control List
|
|
|
SAM ID
|
Security Account Manager ID
|
|
|
schema
|
a definition of the attributes and objects classes supported by Active Directory.
|
|
|
scripting steps
|
connect to the container (OU), create the object (user), populate its properties, (display name), commit the changes
|
|
|
set a static IPv4 configuration
|
Netsh interface ipv4
|
|
|
Site
|
An active Directory object that represents a portion of the network with reliable connectivity. Within a site, domain controllers replicate updates within seconds, and clients attempt to use the services within their site before obtaining the services from other sites
|
|
|
TCP/IP
|
Transmission Control Protocol/Internet Protocol
|
|
|
Type Adapter
|
Is a translator between .NET framework and Windows PowerShell. To connect to an active directory object, you submit an LDAP query string LDAP://OU=People,DC=contoso,dc=com"
|
|
|
UPN
|
User Principle Name The logon name plus the UPN suffix which by default is the domain to which you would logon ie: lflemingjm@hqda.army.mil Unique to entire forest. Email unique to the world!
|
|
|
WMI
|
Windows Management Interface
|
|
|
Which properties can be modified for multiple users simultaneously
|
General, Account, Address, Profile, Organization Tabs
|
|
|
What are the distinctions between name of a user object and an account
|
User Object Names sAMAccountName, User PrincipalName (UPN), display name and RDN. Account properties=an identity to which permissions and rights can be assigned.
|
|
|
sAMAcccountName Attribute
|
(preWindows 2000 logo name) must be unique for the ENTIRE domain
|
|
|
RDN
|
Relative Distinguished Name of an object. Must be unique in an OU.
|
|
|
Display Name
|
How users are listed in the GAL
|
|
|
unlock a user account
|
Set objUser = GetObject"LDAP://UserDN") objUser.IsAccountLocked = False objUser.SetInfo()
|
|
|
Distinguished Name (DN)
|
the most important LDAP attribute CN="josephine fleming",ou=people,dc=contoso,dc=com
|
|
|
SID
|
Security Identifier is created by the Windows 2000 security subsystem and assigned to security principal objects
|
|
|
Method
|
in the context of programming or scripting, an action performed on an object.
|
|
|
object
|
In the context of programming or scripting, a data structure that represents a system resource. Objects expose properties or attributes, methods or actions.
|
|
|
Delegation
|
Assignment of an administrative task.Delegation within Active Directory is achieved by modifying the DACL of an abject.
|
|
|
Saved Query
|
A view of Active Directory objects base on search criteria.
|
|
|
objectClass
|
|
|
|
IP address
|
An IP (Internet Protocol) address isa 32 bit binary unique number identifier for a node or host connection on an IP network. usually represented as 4 decimal values, each representing 8 bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted decimal" notation.
|
|
|
Group policy Member Of setting
|
Member of settings are cumulative
|
|
|
Group[ Policy by Members settings
|
GPOs that use the Members setting, only the member setting with the highest GPO processing will be applied and its list of members will prevail,
|
|
|
audit policy
|
A setting that configures the logging of security-related activities
|
|
|
Delegation
|
An assignment of administrative responsibility. A grant of permission to perform an administrative task
|
|
|
Extensible Markup Language
|
(XML) an abbreviated version of the Standard Generalized Markup Language (SGML) XML enables the flexible development of user-defined doc types, providing non-proprietary, persistent, and verifiable file format for the storage and transmission of text and data both on and off the Internet
|
|
|
Firewall
|
A hardware or software product designed to isolate a system or network from another network. Traditionally used to protect a private network from intrusion from the Internet. A firewall inspects inbound or outbound packets or both and determines, based on rules, which packets to allow to the other side of the firewall.
|
|
|
LDAP
|
The Primary access protocol for Active Directory.
|
|
|
Group Policy
|
used to configure the membership of groups, security settings, software management and auditing
|
|
|
RSoP
|
Resultant Set of Policies
|
|
|
GPO
|
A Group Policy Object is, by itself, just a collection of configuration instructions that will be processed by the CSEs (Client Side Extensions) of computers.
|
|
|
SOA
|
Start of Authority, and important record type in the Domain Name System.
|
|
|
Repadmin
|
Check replication consistency between replication partners, monitor replication status, display replication metadata, force replication events and knowledge consistency checker recalculation
|
