Difference between revisions of "Active Directory/Documentation"
Jump to navigation
Jump to search
m |
|||
(34 intermediate revisions by 4 users not shown) | |||
Line 10: | Line 10: | ||
=Automatic Updates (WSUS)= | =Automatic Updates (WSUS)= | ||
− | + | Details on the WolfTech WSUS Service Group can be found [[Active_Directory/Service_Groups| here]]. | |
− | + | *[[/Configuring the Windows Update GPO Setting| Configuring the Windows Update GPO Setting]] | |
− | *[[/ | ||
*[[/Manually_Install_Updates| Manually Install Updates]] | *[[/Manually_Install_Updates| Manually Install Updates]] | ||
− | |||
*[[/WSUS Management Console | WSUS Management Console]] | *[[/WSUS Management Console | WSUS Management Console]] | ||
*[[/Manipulate Client Behavior Using Command-line Options|Manipulate Client Behavior Using Command-line Options]] | *[[/Manipulate Client Behavior Using Command-line Options|Manipulate Client Behavior Using Command-line Options]] | ||
− | |||
*[[/WSUS Update Agent Script|Windows Update Agent force script]] | *[[/WSUS Update Agent Script|Windows Update Agent force script]] | ||
+ | *[[/Personal Computers on WSUS|Personal Computers on WSUS]] | ||
+ | *[[/Configuring Domain Computers|Configuring Domain Computers]] | ||
=Disaster Recovery= | =Disaster Recovery= | ||
Line 54: | Line 53: | ||
=Laptops= | =Laptops= | ||
*[[/Security Policies When Offsite|Security Policies When Offsite]] | *[[/Security Policies When Offsite|Security Policies When Offsite]] | ||
+ | =Lights Out Management= | ||
+ | *HP ILO | ||
+ | *Dell DRAC | ||
=Macintosh= | =Macintosh= | ||
*[[/Parallels | Parallels]] (BME is currently beta testing) | *[[/Parallels | Parallels]] (BME is currently beta testing) | ||
+ | |||
+ | ==== Options for integrating Mac OS X clients with AD ==== | ||
+ | |||
+ | *Billy's instructions on joining domain... [[/Joining Macs to WolfTech Domain|Joining Macs to WolfTech Domain]] | ||
+ | |||
+ | With the included Active Directory plug-in, OS X can be configured to authenticate to an AD domain, and use network home directories. More comprehensive management (MCX) requires one of the 3 options below: | ||
+ | |||
+ | *[[/Extending the AD schema | Extending the AD schema]] Adding 38 attributes and 10 classes to the AD schema. | ||
+ | *[[/Dual directory | Dual directory]] Adding an Open Directory domain running on a Mac OS X Server, also known as a "Magic Triangle" configuration | ||
+ | *[[/Third-party solutions | Third-party solutions]] Options include Thursby's ADmitMac or Centrify DirectControl. | ||
+ | |||
+ | Additional resources: | ||
+ | *[http://images.apple.com/itpro/pdf/AD_Best_Practices_2.0.pdf Best Practices: Integrating Mac OS X with Active Directory] | ||
+ | *http://www.macwindows.com/AD.html | ||
+ | |||
+ | Issues to address: | ||
+ | #Configuring your mac to use your UnityID/paswd (specifically, by authing against the DCs, but alternatively against the campus KDC). Plus how the laptop reacts when not on the network - should be caching. | ||
+ | #Adding your Mac to the domain. | ||
+ | #Restricting access to AD defined users. | ||
+ | #Printing from your domain'd mac to a Windows print server; and to a WolfCopy printer. | ||
+ | #*ksmbprintd v1.0 (http://www.deploystudio.com/News/Entries/2008/4/7_ksmbprintd_v1.0.html / http://www.deploystudio.com/Downloads/ksmbprintd_v1.0.dmg) -- courtesy of Everette, needs to be tested. | ||
+ | #Accessing Windows file shares from your domain mac | ||
+ | #Why DFS doesn't work, or if the new OS fixes this. And steps to get around this (3rd party apps - AdmitMac) or things to look out for). | ||
+ | #Options to apply policies to the mac client via GP? (likely to require 3rd party apps) | ||
+ | #Scripts to inventory hardware/applications on your mac clients (longterm we'd want a WolfTech Collector Agent for Macs) | ||
+ | #AFS client for Macs | ||
+ | #Software distribution to Mac via GP? | ||
=Migrating= | =Migrating= | ||
*[[/College of Textiles Migration|College of Textiles Migration]] | *[[/College of Textiles Migration|College of Textiles Migration]] | ||
+ | *[[/GUID Collection Tool|GUID Collection Tool]] | ||
+ | *[[/Computer Account Prestaging Tool|Computer Account Prestaging Tool]] | ||
+ | *[[/Computer Migrators Group|Using the Computer Migrators group]] | ||
====Active Directory Migration Tool (ADMT)==== | ====Active Directory Migration Tool (ADMT)==== | ||
*[[/Enable User/Password Migration| Enable User/Password Migration]] | *[[/Enable User/Password Migration| Enable User/Password Migration]] | ||
Line 80: | Line 112: | ||
*[[/Printing via Print-a-File|Printing via Print-a-File]] | *[[/Printing via Print-a-File|Printing via Print-a-File]] | ||
*[[/Windows 2003 R2 and Printing|Windows 2003 R2 and Printing]] | *[[/Windows 2003 R2 and Printing|Windows 2003 R2 and Printing]] | ||
+ | *[[/Printer Management and Vista/RSAT|Printer Management and Vista/RSAT]] | ||
+ | *[[/WolfPrint Accounted Printing|WolfPrint Accounted Printing]] | ||
=Public Labs / Kiosks= | =Public Labs / Kiosks= | ||
Line 101: | Line 135: | ||
*[http://technet.microsoft.com/en-us/sysinternals/ SysInternals Tools (incls psexec / pstools)] | *[http://technet.microsoft.com/en-us/sysinternals/ SysInternals Tools (incls psexec / pstools)] | ||
*[[/GUI for psexec|GUI for psexec]] | *[[/GUI for psexec|GUI for psexec]] | ||
+ | *[[Using PsExec to delete old local profiles on lab machines]] | ||
+ | |||
+ | ==Services for UNIX== | ||
+ | *[[/What is SFU?|What is SFU?]] | ||
=Software Packaging= | =Software Packaging= | ||
Line 108: | Line 146: | ||
* [http://support.installshield.com/kb/view.asp?articleid=q106234 Manually Uninstall MSI] | * [http://support.installshield.com/kb/view.asp?articleid=q106234 Manually Uninstall MSI] | ||
* [[Removing_ghost_installs| Removing Ghost Installs]] | * [[Removing_ghost_installs| Removing Ghost Installs]] | ||
+ | * [[/Controling Licenses via GPP|Controling Licenses via GPP]] | ||
+ | |||
+ | * [[/Exclusions List | Exclusions List]] | ||
+ | |||
+ | *[[/MSI Testing|MSI Testing]] | ||
+ | *[[/MSI Logging|MSI Loggingg]] | ||
=Symantec Antivirus (SAV)= | =Symantec Antivirus (SAV)= | ||
Line 115: | Line 159: | ||
=Teaching Labs= | =Teaching Labs= | ||
*[[/Using Common Accounts|Using Common Accounts]] | *[[/Using Common Accounts|Using Common Accounts]] | ||
+ | *[[/Monitoring Lab Usage|Monitoring Lab Usage]] | ||
+ | *[[/Generate Remote Desktop Files|Generate Remote Desktop Files]] | ||
=User Account Control (UAC)= | =User Account Control (UAC)= | ||
Line 126: | Line 172: | ||
*[[/Planning | Planning]] | *[[/Planning | Planning]] | ||
− | =Windows 2003 | + | =Windows Server 2003 R2= |
*[[/Extend_Schema_R2| How to extend the schema?]] | *[[/Extend_Schema_R2| How to extend the schema?]] | ||
+ | |||
+ | =Windows Server 2008= | ||
+ | *[[/Server 2008 Core | Server 2008 Core]] | ||
=Windows Defender= | =Windows Defender= | ||
Line 134: | Line 183: | ||
=Windows Deployment Services (WDS)= | =Windows Deployment Services (WDS)= | ||
*[[/WDS | WDS]] | *[[/WDS | WDS]] | ||
+ | |||
+ | =Windows 7= |
Latest revision as of 15:58, 23 April 2010
Active Directory Users and Computers
Automatic Logon
Administrative Users
Automatic Updates (WSUS)
Details on the WolfTech WSUS Service Group can be found here.
- Configuring the Windows Update GPO Setting
- Manually Install Updates
- WSUS Management Console
- Manipulate Client Behavior Using Command-line Options
- Windows Update Agent force script
- Personal Computers on WSUS
- Configuring Domain Computers
Disaster Recovery
DNS
File Servers
Folder Redirection
Distributed File System (DFS)
Group Policy
Group Policy Preferences
- Overview
- Remote Server Administration Tools
- Configuring Preferences
- Clients & Deploying Preferences
- Item-Level Targeting
Internet Explorer 7
Laptops
Lights Out Management
- HP ILO
- Dell DRAC
Macintosh
- Parallels (BME is currently beta testing)
Options for integrating Mac OS X clients with AD
- Billy's instructions on joining domain... Joining Macs to WolfTech Domain
With the included Active Directory plug-in, OS X can be configured to authenticate to an AD domain, and use network home directories. More comprehensive management (MCX) requires one of the 3 options below:
- Extending the AD schema Adding 38 attributes and 10 classes to the AD schema.
- Dual directory Adding an Open Directory domain running on a Mac OS X Server, also known as a "Magic Triangle" configuration
- Third-party solutions Options include Thursby's ADmitMac or Centrify DirectControl.
Additional resources:
Issues to address:
- Configuring your mac to use your UnityID/paswd (specifically, by authing against the DCs, but alternatively against the campus KDC). Plus how the laptop reacts when not on the network - should be caching.
- Adding your Mac to the domain.
- Restricting access to AD defined users.
- Printing from your domain'd mac to a Windows print server; and to a WolfCopy printer.
- ksmbprintd v1.0 (http://www.deploystudio.com/News/Entries/2008/4/7_ksmbprintd_v1.0.html / http://www.deploystudio.com/Downloads/ksmbprintd_v1.0.dmg) -- courtesy of Everette, needs to be tested.
- Accessing Windows file shares from your domain mac
- Why DFS doesn't work, or if the new OS fixes this. And steps to get around this (3rd party apps - AdmitMac) or things to look out for).
- Options to apply policies to the mac client via GP? (likely to require 3rd party apps)
- Scripts to inventory hardware/applications on your mac clients (longterm we'd want a WolfTech Collector Agent for Macs)
- AFS client for Macs
- Software distribution to Mac via GP?
Migrating
- College of Textiles Migration
- GUID Collection Tool
- Computer Account Prestaging Tool
- Using the Computer Migrators group
Active Directory Migration Tool (ADMT)
MS-SQL
New OU Admins
Printing
- Printing via Print-a-File
- Windows 2003 R2 and Printing
- Printer Management and Vista/RSAT
- WolfPrint Accounted Printing
Public Labs / Kiosks
Remote Assistance
- Configuring AD for Remote Assistance
- Offering Remote Assistance
Remote Installation Services (RIS)
Scripting
- phpAD Library
- SysInternals Tools (incls psexec / pstools)
- GUI for psexec
- Using PsExec to delete old local profiles on lab machines
Services for UNIX
Software Packaging
- Packaging Notes
- Assigning Software via Group Policy
- Windows Installer
- Manually Uninstall MSI
- Removing Ghost Installs
- Controling Licenses via GPP