SlideShare a Scribd company logo

Network Implementation and Support Lesson 04 Group and Computer Accounts - Eric Vanderburg

Download as PPT, PDF
Eric Vanderburg
Eric Vanderburg

Network Implementation and Support Lesson 04 Group and Computer Accounts - Eric Vanderburg

Technology
1 of 17
Network Implementation & Support Chapter 4 Group & Computer Accounts Eric Vanderburg © 2006
Groups • Distribution Groups • Security Groups – Local & Domain Local • For permissions to local resources • Other groups should be inside – Global Group • User accounts should go here – Universal Groups • Contains accounts/groups from entire forest • Native mode only Eric Vanderburg © 2006
Resource 1 User 1 Resource 2 User 2 User 3 Resource 3 Eric Vanderburg © 2006
Local Group Resource 1 Resource 2 User 1 Global Group User 2 User 3 Local Group Resource 3 Eric Vanderburg © 2006
Local Group User 1 Resource 1 Global Group User 2 Resource 2 Universal Group User 3 Local Group Resource 3 Global Group User 1 User 2 Eric Vanderburg © 2006
Group Tabs • General – Type – Scope – Name • Members • Member Of • Managed By Eric Vanderburg © 2006
Group Rules • Users should be placed in groups • Permissions should be given to groups, not individual user accounts • Users can belong to many groups • Effective permissions – End result of all group memberships. All permissions from all groups are added together but deny overrides allow (use deny sparingly) Eric Vanderburg © 2006
Built-in Groups • • • • • • • • • Administrators (Also Domain & Enterprise) Account Operators - Create and manage user accounts Backup Operators - backup & restore Incoming Forest Trust Builders - make one way trusts to the root forest domain Network Configuration Operators - Change TCP/IP settings for DCs Performance Log Users - configure performance counters, logs, & alerts Performance Monitor Users - remotely view performance monitor Print Operators Remote Desktop Users Eric Vanderburg © 2006
Built-in Groups • Replicator - Can change the way AD data is sent between DC’s and can start the replicator • Server Operators - log onto DCs, start & stop services, backup & restore, format… • Cert Publishers - Publish CRL, CTL, & Templates • Enrollment Agent - Issue Certificates • DHCP Administrators • DNS Administrators • Group Policy Creator Owner • Schema Administrators • Help Services Group - Manage Help & Support center (remote assistance) • Guests Eric Vanderburg © 2006
Automatic Groups • User Groups • Everyone • Authenticated Users – non guest users • Interactive – local user • Network – logged onto domain • Creator / Owner • Anonymous Logon • Terminal Services User • Dialup Program/Service Groups • Service • Batch • System Eric Vanderburg © 2006
Functional Levels Functional Level Supported DC OS Windows 2000 Mixed Windows NT 4.0 Windows 2000 Windows Server 2003 Windows 2000 Native Windows 2000 Windows Server 2003 Windows Server 2003 Interim Windows NT 4.0 Windows Server 2003 Windows Server 2003 Windows Server 2003 • Can be a domain or forest functional level Eric Vanderburg © 2006
Functional Levels Functional Level Options Windows 2000 Mixed No Universal Groups & Nesting Windows 2000 Native Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History Win Server 2003 Interim No Universal Groups & Nesting Windows Server 2003 Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History, Rename DC’s Eric Vanderburg © 2006
Converting Groups • Groups can be changed by type or scope • Cannot be changed in a way that would violate a rule. Ex: Universal group containing other universal groups is changed to a global group. (Global groups cannot contain Universal groups) • Global cannot be changed to domain local • Domain local cannot be changed to global Eric Vanderburg © 2006
Computer Accounts • Used to restrict access to the domain to certain computers • Must be Domain/Enterprise admin to add computers • Managed computer - connects with a RIS server to download a Windows installation tailored for that computer • Each one has a password. Must be synchronized at least every 30 days Eric Vanderburg © 2006
Command Line • Commands can work for the following: – User – Group – Computer – Contact – OU – Site Eric Vanderburg © 2006
Command Line • Dsadd group “ldap” –secgrp yes –scope u –memberof “ldap” –members “ldap” • Dsmod group “ldap” –desc “description” – rmmbr “ldap of member to remove” – addmbr “ldap of member to add” • Dsquery group –scope u –name “name” – desc “description” – Can also be used on quotas & partitions • Dsmove “ldap” –newparent “ldap” – newname “name” Eric Vanderburg © 2006
Command Line • Dsrm “ldap” – removes entries • Dsget group “ldap” –members -memberof – Get members or member of groups • Netdom reset computer /domain: domain – Reset a computer account Eric Vanderburg © 2006

Recommended

LAN Fundamentals
LAN FundamentalsLAN Fundamentals
LAN FundamentalsSteven Baule
 
Unit09
Unit09Unit09
Unit09Nurul Nadirah
 
The "Cloud" Services - DuraCloud and DuraCloud Vault
The "Cloud" Services - DuraCloud and DuraCloud VaultThe "Cloud" Services - DuraCloud and DuraCloud Vault
The "Cloud" Services - DuraCloud and DuraCloud VaultDuraSpace
 
MCSA 70-412 Chapter 09
MCSA 70-412 Chapter 09MCSA 70-412 Chapter 09
MCSA 70-412 Chapter 09Computer Networking
 
The Future of Distributed Databases
The Future of Distributed DatabasesThe Future of Distributed Databases
The Future of Distributed DatabasesNuoDB
 
Storing and processing data with the wso2 platform
Storing and processing data with the wso2 platformStoring and processing data with the wso2 platform
Storing and processing data with the wso2 platformWSO2
 
2012 10 24_briefing room
2012 10 24_briefing room2012 10 24_briefing room
2012 10 24_briefing roomNuoDB
 
Introducing Node.js in an Oracle technology environment (including hands-on)
Introducing Node.js in an Oracle technology environment (including hands-on)Introducing Node.js in an Oracle technology environment (including hands-on)
Introducing Node.js in an Oracle technology environment (including hands-on)Lucas Jellema
 

Recommended

LAN Fundamentals
LAN FundamentalsLAN Fundamentals
LAN FundamentalsSteven Baule
 
Unit09
Unit09Unit09
Unit09Nurul Nadirah
 
The "Cloud" Services - DuraCloud and DuraCloud Vault
The "Cloud" Services - DuraCloud and DuraCloud VaultThe "Cloud" Services - DuraCloud and DuraCloud Vault
The "Cloud" Services - DuraCloud and DuraCloud VaultDuraSpace
 
MCSA 70-412 Chapter 09
MCSA 70-412 Chapter 09MCSA 70-412 Chapter 09
MCSA 70-412 Chapter 09Computer Networking
 
The Future of Distributed Databases
The Future of Distributed DatabasesThe Future of Distributed Databases
The Future of Distributed DatabasesNuoDB
 
Storing and processing data with the wso2 platform
Storing and processing data with the wso2 platformStoring and processing data with the wso2 platform
Storing and processing data with the wso2 platformWSO2
 
2012 10 24_briefing room
2012 10 24_briefing room2012 10 24_briefing room
2012 10 24_briefing roomNuoDB
 
Introducing Node.js in an Oracle technology environment (including hands-on)
Introducing Node.js in an Oracle technology environment (including hands-on)Introducing Node.js in an Oracle technology environment (including hands-on)
Introducing Node.js in an Oracle technology environment (including hands-on)Lucas Jellema
 
Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric VanderburgNetwork Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric VanderburgEric Vanderburg
 
9781111306366 ppt ch10
9781111306366 ppt ch109781111306366 ppt ch10
9781111306366 ppt ch10Dr. Ahmed Al Zaidy
 
Secure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollarSecure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollarDavid Rowe
 
Lecture 8 permissions
Lecture 8 permissionsLecture 8 permissions
Lecture 8 permissionsWiliam Ferraciolli
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdfchapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdfKhadijaTahir29
 
itft_system admin
itft_system adminitft_system admin
itft_system adminSwati Aggarwal
 
Creating a fortress in your active directory environment
Creating a fortress in your active directory environmentCreating a fortress in your active directory environment
Creating a fortress in your active directory environmentDavid Rowe
 
Active directoryfinal
Active directoryfinalActive directoryfinal
Active directoryfinalRafał Kucharski
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410omardabbas
 
Network operating system
Network operating systemNetwork operating system
Network operating systemJohn Carlo Catacutan
 
Anujit CV
Anujit CV Anujit CV
Anujit CV Anujit Dandapat
 
Anujit CV
Anujit CV Anujit CV
Anujit CV Anujit Dandapat
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9APSU
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9APSU
 
BSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopBSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopAjay Choudhary
 
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric VanderburgNetwork Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric VanderburgEric Vanderburg
 
Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03gameaxt
 
Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginnersRadhika Puthiyetath
 
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemCSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemHendrik van Run
 
Active Directory Domain Services.pptx
Active Directory Domain Services.pptxActive Directory Domain Services.pptx
Active Directory Domain Services.pptxsyedasadraza13
 
GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 

More Related Content

Similar to Network Implementation and Support Lesson 04 Group and Computer Accounts - Eric Vanderburg

Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric VanderburgNetwork Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric VanderburgEric Vanderburg
 
Secure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollarSecure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollarDavid Rowe
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdfchapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdfKhadijaTahir29
 
Creating a fortress in your active directory environment
Creating a fortress in your active directory environmentCreating a fortress in your active directory environment
Creating a fortress in your active directory environmentDavid Rowe
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410omardabbas
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9APSU
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9APSU
 
BSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopBSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopAjay Choudhary
 
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric VanderburgNetwork Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric VanderburgEric Vanderburg
 
Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03gameaxt
 
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemCSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemHendrik van Run
 
Active Directory Domain Services.pptx
Active Directory Domain Services.pptxActive Directory Domain Services.pptx
Active Directory Domain Services.pptxsyedasadraza13
 

Similar to Network Implementation and Support Lesson 04 Group and Computer Accounts - Eric Vanderburg (20)

Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric VanderburgNetwork Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
Network Implementation and Support Lesson 03 User Accounts - Eric Vanderburg
 
9781111306366 ppt ch10
9781111306366 ppt ch109781111306366 ppt ch10
9781111306366 ppt ch10
 
Secure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollarSecure active directory in one day without spending a single dollar
Secure active directory in one day without spending a single dollar
 
Lecture 8 permissions
Lecture 8 permissionsLecture 8 permissions
Lecture 8 permissions
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdfchapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
 
itft_system admin
itft_system adminitft_system admin
itft_system admin
 
Creating a fortress in your active directory environment
Creating a fortress in your active directory environmentCreating a fortress in your active directory environment
Creating a fortress in your active directory environment
 
Active directoryfinal
Active directoryfinalActive directoryfinal
Active directoryfinal
 
MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410MCSA Installing & Configuring Windows Server 2012 70-410
MCSA Installing & Configuring Windows Server 2012 70-410
 
Network operating system
Network operating systemNetwork operating system
Network operating system
 
Anujit CV
Anujit CV Anujit CV
Anujit CV
 
Anujit CV
Anujit CV Anujit CV
Anujit CV
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9
 
Net essentials6e ch9
Net essentials6e ch9Net essentials6e ch9
Net essentials6e ch9
 
BSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming WorkshopBSides SG Practical Red Teaming Workshop
BSides SG Practical Red Teaming Workshop
 
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric VanderburgNetwork Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
Network Implementation and Support Lesson 09 Group Policy - Eric Vanderburg
 
Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03Microsoft Offical Course 20410C_03
Microsoft Offical Course 20410C_03
 
Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginners
 
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication SystemCSD-2881 - Achieving System Production Readiness for IBM PureApplication System
CSD-2881 - Achieving System Production Readiness for IBM PureApplication System
 
Active Directory Domain Services.pptx
Active Directory Domain Services.pptxActive Directory Domain Services.pptx
Active Directory Domain Services.pptx
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Network Implementation and Support Lesson 04 Group and Computer Accounts - Eric Vanderburg

  • 1. Network Implementation & Support Chapter 4 Group & Computer Accounts Eric Vanderburg © 2006
  • 2. Groups • Distribution Groups • Security Groups – Local & Domain Local • For permissions to local resources • Other groups should be inside – Global Group • User accounts should go here – Universal Groups • Contains accounts/groups from entire forest • Native mode only Eric Vanderburg © 2006
  • 3. Resource 1 User 1 Resource 2 User 2 User 3 Resource 3 Eric Vanderburg © 2006
  • 4. Local Group Resource 1 Resource 2 User 1 Global Group User 2 User 3 Local Group Resource 3 Eric Vanderburg © 2006
  • 5. Local Group User 1 Resource 1 Global Group User 2 Resource 2 Universal Group User 3 Local Group Resource 3 Global Group User 1 User 2 Eric Vanderburg © 2006
  • 6. Group Tabs • General – Type – Scope – Name • Members • Member Of • Managed By Eric Vanderburg © 2006
  • 7. Group Rules • Users should be placed in groups • Permissions should be given to groups, not individual user accounts • Users can belong to many groups • Effective permissions – End result of all group memberships. All permissions from all groups are added together but deny overrides allow (use deny sparingly) Eric Vanderburg © 2006
  • 8. Built-in Groups • • • • • • • • • Administrators (Also Domain & Enterprise) Account Operators - Create and manage user accounts Backup Operators - backup & restore Incoming Forest Trust Builders - make one way trusts to the root forest domain Network Configuration Operators - Change TCP/IP settings for DCs Performance Log Users - configure performance counters, logs, & alerts Performance Monitor Users - remotely view performance monitor Print Operators Remote Desktop Users Eric Vanderburg © 2006
  • 9. Built-in Groups • Replicator - Can change the way AD data is sent between DC’s and can start the replicator • Server Operators - log onto DCs, start & stop services, backup & restore, format… • Cert Publishers - Publish CRL, CTL, & Templates • Enrollment Agent - Issue Certificates • DHCP Administrators • DNS Administrators • Group Policy Creator Owner • Schema Administrators • Help Services Group - Manage Help & Support center (remote assistance) • Guests Eric Vanderburg © 2006
  • 10. Automatic Groups • User Groups • Everyone • Authenticated Users – non guest users • Interactive – local user • Network – logged onto domain • Creator / Owner • Anonymous Logon • Terminal Services User • Dialup Program/Service Groups • Service • Batch • System Eric Vanderburg © 2006
  • 11. Functional Levels Functional Level Supported DC OS Windows 2000 Mixed Windows NT 4.0 Windows 2000 Windows Server 2003 Windows 2000 Native Windows 2000 Windows Server 2003 Windows Server 2003 Interim Windows NT 4.0 Windows Server 2003 Windows Server 2003 Windows Server 2003 • Can be a domain or forest functional level Eric Vanderburg © 2006
  • 12. Functional Levels Functional Level Options Windows 2000 Mixed No Universal Groups & Nesting Windows 2000 Native Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History Win Server 2003 Interim No Universal Groups & Nesting Windows Server 2003 Universal Groups Allowed, Group Nesting Allowed, Group Conversion Allowed, SID History, Rename DC’s Eric Vanderburg © 2006
  • 13. Converting Groups • Groups can be changed by type or scope • Cannot be changed in a way that would violate a rule. Ex: Universal group containing other universal groups is changed to a global group. (Global groups cannot contain Universal groups) • Global cannot be changed to domain local • Domain local cannot be changed to global Eric Vanderburg © 2006
  • 14. Computer Accounts • Used to restrict access to the domain to certain computers • Must be Domain/Enterprise admin to add computers • Managed computer - connects with a RIS server to download a Windows installation tailored for that computer • Each one has a password. Must be synchronized at least every 30 days Eric Vanderburg © 2006
  • 15. Command Line • Commands can work for the following: – User – Group – Computer – Contact – OU – Site Eric Vanderburg © 2006
  • 16. Command Line • Dsadd group “ldap” –secgrp yes –scope u –memberof “ldap” –members “ldap” • Dsmod group “ldap” –desc “description” – rmmbr “ldap of member to remove” – addmbr “ldap of member to add” • Dsquery group –scope u –name “name” – desc “description” – Can also be used on quotas & partitions • Dsmove “ldap” –newparent “ldap” – newname “name” Eric Vanderburg © 2006
  • 17. Command Line • Dsrm “ldap” – removes entries • Dsget group “ldap” –members -memberof – Get members or member of groups • Netdom reset computer /domain: domain – Reset a computer account Eric Vanderburg © 2006