UKUUG home


(the UK's Unix & Open Systems User Group)






Book Discounts

Other Discounts

Mailing lists






Active Directory Cookbook Robbie Allen
Published by O'Reilly and Associates
622 pages
£ 31.95
Published: September 2003
reviewed by Mike Smith
   in the March 2004 issue (pdf), (html)

Active Directory is becoming increasingly important. I run a team of technical consultants in one of the oursourcing companies and we're always getting asked for Directory skills, as it underpins many areas, not least ... no, perhaps least of all, large scale Windows 2003 implementations!

AD is based on LDAPv3, so it does have its uses (!) We have a web based front-end to our directory at work (that's not AD based, but the principles are the same). Its really great - everyone maintains their own details, and you can include your calendar, movements, skills, personal details and best of all - your photograph. Because its in LDAP, you can also link to your manager - which of course means that you can display an Org chart automatically. Really, really good.

So the Cookbook, with ``Over 325 Recipes'', covers a lot of areas. I hadn't realised that there were so many things to consider when designing an AD solution. But its not going to stop me from criticising those technical consultants - they need to keep on their toes.

Although a Cookbook, its organised well and starts with some basics - a bit of background and design. I'll list the main chapters: Forests, Domains and Trust. We know most of this from NT4 world. Domain Controllers, Global Catalogs (sic) and FSMOs. ``What's an FSMO?'' I hear you ask - AD is a multi-master system that replicates information across domain controllers. However some (5 to be precise) critical operations can only be done on a single controller. You can distribute these 5 operations - they don't all need to be on the same controller, but you can only have one master at any one time. Some FSMO (Flexible Single Master Operation) roles have cool names too - like the ``RID Master''.

There's a chapter on Searching. In this book, the ``Solution''s are presented in several ways - using a graphic interface for the experienced windows users, and also command line tools and VBScripts scripts. There are some perl scripts too, to widen the appeal.

A bit on OUs and GPOs. Some good acronyms along with FSMO, which I used successfully in a presentation earlier this week. They were impressed anyway.

There are some more interesting chapters on Schema and Site Topology - its where the theory gets a bit closer to practice when you have to consider the realities of customer networks etc. Then we have replication, DNS, Security and Logging chapters. One on Backup, Recovery and maintenance of the DIT (use Google for that one.) Finally some application and integration stuff.

As you see, its a real action-packed book. If you need to work with AD, I'd recommend it, along with other references (from O'Reilly, of course!) I think the combination of different styles will help you rapidly cover what you need to know for a quick start, and then into more advanced topics.

So I've picked a few things up and I'll be posing a few tests for those consultants next week; to see how much they really know ;-)

Back to reviews list

Tel: 01763 273 475
Fax: 01763 273 255
Web: Webmaster
Queries: Ask Here
Join UKUUG Today!

UKUUG Secretariat
More information

Page last modified 02 Apr 2007
Copyright © 1995-2011 UKUUG Ltd.