Active Directory Best Practices - Ten Years Later

Поделиться
HTML-код
  • Опубликовано: 4 дек 2024

Комментарии • 33

  • @KanchanaRandika
    @KanchanaRandika 5 лет назад +2

    I learned a lot in less than one hour. Brilliant presentation from Dan. Thank you for uploading!

  • @reveng6705
    @reveng6705 2 года назад +3

    Many if not all stuff that is discussed in this great video also applies to AD running on Server 2019.
    Thanks for your work, Adam

    • @Adamj_1
      @Adamj_1  2 года назад +3

      And Server 2022...anything on prem.

  • @AllenOlayiwola
    @AllenOlayiwola 4 года назад +3

    Never thought the MMC was this good, amazing video! Thanks for sharing.

  • @GamingCentralTV1
    @GamingCentralTV1 6 лет назад +6

    This is a gem microsoft vid

  • @andrecinelli
    @andrecinelli 3 года назад

    2021... Thank you!

  • @jerryxie777
    @jerryxie777 5 лет назад

    Great demo,I find that there are a lots of skills I don't know. Thank you😀

  • @jerryxie777
    @jerryxie777 4 года назад +1

    Thanks for your sharing, is there any new update skill for ad in windows 2019? I'm looking forward to that🥰

  • @Kent21F1
    @Kent21F1 5 лет назад +1

    wow ! great video !

  • @vasylvolyk
    @vasylvolyk 2 года назад

    Useful. Thanks!

  • @hisgreatness2
    @hisgreatness2 5 лет назад +1

    very good video!

  • @karolkula9166
    @karolkula9166 2 года назад

    [Q] Where I could find more about implementation of "notification based replication between the sites"?

  • @dj9choco
    @dj9choco 2 года назад

    Dude, i never thought a regular user will fit my env because im the only it employe, and i manage all the network, computers and erp. but with the mmc properly tweaked will be safe and easy to manage all the env

    • @Adamj_1
      @Adamj_1  2 года назад +1

      Yep. Separate Admin and Regular User - even for the single IT person (I'd also argue especially for the single IT person)

  • @aleJohnny
    @aleJohnny 3 года назад +2

    I love you.

  • @bradzima1779
    @bradzima1779 2 года назад

    I don't suppose you have a copy of the slide deck from this presentation?

    • @Adamj_1
      @Adamj_1  2 года назад

      I do not. Sorry. Only the RBAC scripts on www.ajtek.ca/guides/role-based-access-security/

    • @tkazi
      @tkazi 2 года назад +1

      A monochrome PDF version of these are available at the following Microsoft download URL. I couldn't find the color version of these.
      download.microsoft.com/download/e/a/7/ea75457b-65d0-481c-b53b-d7ca2ae7ee08/s2b%20-%209.pdf

  • @ilishmaach
    @ilishmaach 6 лет назад

    Do you have the script to extend the schema and assign computer ownership to users?

    • @Adamj_1
      @Adamj_1  6 лет назад +1

      Please see my blog post at www.ajtek.ca/guides/role-based-access-security/

  • @gareginasatryan6761
    @gareginasatryan6761 5 лет назад +1

    I don’t know if he’s conflating domains with trees. Because while multi tree forests have decreased in popularity, his claim that “single domain forests” are the rage is flat out untrue. Most enterprises I’ve seen have multiple levels of subdomains.

    • @andreas956
      @andreas956 4 года назад +1

      Propably differs depending on your location and field. In my experience, a majority of my clients have had single domain forests.

    • @xerr0n
      @xerr0n 4 года назад

      @@andreas956 the presentation is old, in the end hes talking about hoping that people enjoyed students to business 2011.
      Also note the server 2008 references in the video.....

  • @chancemanning8418
    @chancemanning8418 2 года назад

    Edit: Please take my opinion with a grain a salt. Different Environments will work better with different OU structure. Great video.
    Not exactly sure how that OU structure shown around minute 10-11 would be best practice? It’s not very efficient for identifying users. Having All system users under a single OU then separating out by Security Groups seems to defeat the purpose of creating any OU in general. Identity Management should be a key component when organizing your AD.

    • @chancemanning8418
      @chancemanning8418 2 года назад

      Having OU structure of departments OR regions of those users and computers would seem to be a better fit for deploying GPO. Security groups should be identified before hand and then be made to how granular you want to make security rules. Those groups could be placed within the OUs to organize them. But then again, the set up of OUs really isn’t that important, as long as it’s standardized and capable of identity management of your users.

    • @Adamj_1
      @Adamj_1  2 года назад +1

      See the video at part 43:30 to the end. You MANAGE via saved queries. For example You couldn't care if Joe Smith was in whatever department OU that you've created, you want to have your HelpDesk team reset his password. If you create your setup like in the video, management is SIMPLE and you set the permission ONCE. If you do it the way you're saying - creating department OUs and the like, you must grant access to reset passwords in MULTIPLE OUs instead of just the 1...

    • @julianhamann4925
      @julianhamann4925 2 года назад

      @@Adamj_1 Hey Adam, if I add a taskpad view to a saved query and then open the saved .msc as a different user (to delegate administration) then the taskpad view for the saved query is no longer visible. I have been unable to fix this issue. Is there something you need to do in order to have taskpad views in a saved query usable by other admins?

    • @Adamj_1
      @Adamj_1  2 года назад +1

      @@julianhamann4925 Just tested this - Saved a taskpad and a saved query and a taskpad to a saved query and all 3 are showing up properly when executing on a different physical server VM, different user account as a delegation would. Not sure what you are experiencing as I can't replicate it.