ManageEngine ADManager Plus :: Help Documentation

More documents

Recommendations

Info

Active Directory Overview ManageEngine ADManager Plus :: Help Documentation The Windows Active Directory is a hierarchical framework of objects. This provides information of the various Active Directory objects, such as resources, services, user accounts, groups, and so on, and sets the access permission and security on these objects. The structure of the Active Directory network components are: • Domains: A group of computers that share a common directory database. • Domain Trees: One or more domains that share a contiguous namespace. • Domain Forests: One or more domain trees that share common directory information. • Organization Units: A container or a subgroup of domains that is used to organize the objects within a domain into a logical administrative group. • Objects: The objects represent single entities, such as computers, resources, users, applications, and so on, with their attributes. Active Directory Groups Groups are the Active Directory objects that can contain the users, computers, and other groups (nested groups). There are two types of groups, namely, Security Groups and Distribution Groups. While a security group is used to group users, computers, and other groups to assign permissions to resources, the distribution group is used only to create e-mail distribution lists. The scope of the group can be Local, Domain Local, Global, or Universal. • Local Groups: Its scope is limited only to the machine on which it exists. It can be used to grant permissions to access the machine resources. • Domain Local Groups: It has domain-wide scope, meaning, it can grant resource permissions on any of the windows machines in that domain. • Global Groups: It also has domain-wide scope, but, can be granted permissions in any domain. • Universal Groups: This group can be granted permissions in any domain. including domains in other forests (based on trust relationship). Active Directory Users A User, in order to logon to a computer or a domain, requires an user account in the Active Directory, which establishes an identity for him/her. Based on this identity, the operating system authenticates the user and grant access to the domain resources. There are two pre-defined user accounts, administrator and guest, that are used to logon initially to make the necessary configurations. Active Directory Computers Similar to user accounts, the computer accounts are used to provide necessary authorization to the computers for using the network and domain resources. Managing Security Permissions The basic security permissions supported by Windows, such as Read, Write, and Full Control, are available to each and every objects on the Active Directory. Apart form these standard permissions, AD also provides some special permissions based on the ZOHO Corp. 11
ManageEngine ADManager Plus :: Help Documentation object class,such as List contents, Delete Tree, List Object, Write Self, Control Access, Create Child, Delete Child, Read Property, Write Property, and so on. These permissions have to be assigned to the users or groups to restrict or grant access to the Active Directory objects. Each assignment of permissions to users or groups is referred to as Access Control Entry (ACE). Inherited Permissions Permissions set on a container (or a parent object) can be applied to its child objects as well. This is referred to as inherited permissions. The Active Directory security model allows you to define explicit permissions or propagate permissions to its child objects. For example, you specify the following conditions for propagation: • This object only • This object and all child objects • Computer objects • Group objects • Organizational unit objects • User objects Containers can be any Active Directory components like Domain, Organizational Units and only objects within those containers can inherit permissions from the parent. Some commonly used Active Directory terminologies are discussed in the next topic. ZOHO Corp. 12
Page 2 and 3: ManageEngine ADManager Plus :: Help
Page 8 and 9: Release Notes The key features of t
Page 14 and 15: Active Directory Terminologies Mana
Page 16 and 17: System Requirements • Hardware Re
Page 18 and 19: Uninstalling ADManager Plus ManageE
Page 22 and 23: Working with ADManager Plus • Sta
Page 24 and 25: Installing Service Packs ManageEngi
Page 26 and 27: Licensing ADManager Plus ManageEngi
Page 28 and 29: Configuring Domains ManageEngine AD
Page 36 and 37: Delete Contacts ManageEngine ADMana
Page 38 and 39: Modify Group in Active Directory Ma
Page 42 and 43: Creating a Single User ManageEngine
Page 44 and 45: Creating Bulk Users ManageEngine AD
Page 56 and 57: Modifying Naming Attributes ManageE
Page 60 and 61: Modifying Contact Attributes Manage
Page 62 and 63:
ManageEngine ADManager Plus :: Help
Page 64 and 65:
Page 66 and 67:
Modify Custom Attributes ManageEngi
Page 68 and 69:
Dial-in or VPN properties ManageEng
Page 70 and 71:
Modifying User Profiles ManageEngin
Page 72 and 73:
Modifying Session Attributes Manage
Page 74 and 75:
Creating User Templates ManageEngin
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Enable-Disable Computers ManageEngi
Page 82 and 83:
Modifying Group Attributes ManageEn
Page 84 and 85:
Page 86 and 87:
Bulk Group Management ManageEngine
Page 88 and 89:
CSV Based Group Management ManageEn
Page 90 and 91:
Page 92 and 93:
Address/Organization Attributes Man
Page 94 and 95:
Contact Attributes ManageEngine ADM
Page 96 and 97:
Delete Contacts ManageEngine ADMana
Page 98 and 99:
Modifying Delivery Restrictions Man
Page 100 and 101:
Page 102 and 103:
Modifying Storage Limits ManageEngi
Page 104 and 105:
Modifying Exchange Features ManageE
Page 106 and 107:
Exchange Off-line Address Book Mana
Page 108 and 109:
Active Directory User Reports • G
Page 110 and 111:
Recently Modified Users ManageEngin
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Users with Email Proxy addresses Re
Page 128 and 129:
Page 130 and 131:
OWA Disabled users Report This prov
Page 132 and 133:
Active Directory GPO Reports Manage
Page 134 and 135:
To view the report, select the doma
Page 136 and 137:
Page 138 and 139:
Non-Inheritable Folders/Files Manag
Page 140 and 141:
3. Click on Generate button Permiss
Page 142 and 143:
Scheduling Reports Overview ManageE
Page 144 and 145:
To disable a schedule, ManageEngine
Page 146 and 147:
Help Desk Delegation Overview Manag
Page 148 and 149:
Note: ManageEngine ADManager Plus :
Page 150 and 151:
Note: ManageEngine ADManager Plus :
Page 152 and 153:
Page 154 and 155:
Creating Security Roles ManageEngin
Page 156 and 157:
Modifying Security Roles ManageEngi
Page 158 and 159:
Built-in Security Roles ManageEngin
Page 160 and 161:
Customizing Naming Format ManageEng
Page 162 and 163:
Offices & Companies ManageEngine AD
Page 164 and 165:
Customizing LDAP Attributes ManageE
Page 166 and 167:
AD Search Settings You can Configur
Page 168 and 169:
Server Settings ManageEngine ADMana
Page 170 and 171:
Personalize Settings ManageEngine A
Page 172 and 173:
Web based people search ManageEngin
Page 174 and 175:
Active Directory Explorer ManageEng
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
General 1. What is ADManager Plus?
Page 184 and 185:
3. Web-based management. ManageEngi
Page 186 and 187:
Known Issues and Limitations Manage
show all

ManageEngine ADManager Plus :: Help Documentation

Create successful ePaper yourself

Delete template?

Save as template?