Popular Tags:

Windows Server Active Directory Group Scopes

April 17, 2017 at 5:36 pm

Group Scopes

Overview of Group Scopes

It is time for us to review the group scopes available in Windows Server technologies. It is critical that you understand these scopes as well as the conversion possibilities for success in the MCSA 70-742 exam for Windows Server 2016.

Domain Local Group Scope

The domain local groups are ideal for assigning permissions to objects in the active directory. To scale things, we like to place global groups inside them. These global groups contain the actual user accounts that need access.

Can Include As Members:

  • Accounts from any domain
  • Global groups from any domain
  • Universal groups from any domain
  • Domain local groups but only from the same domain as the parent domain local group

Can Be Assigned Permissions In:

  • Only within the same domain as the parent domain local group

Group Scope Can Be Converted To:

  • Universal (as long as no other domain local groups exist as members)

Global Group Scope

As mentioned above, we love to use global groups to gather user accounts that need permissions assigned to domain local groups.

Can Include As Members:

  • Accounts from the same domain as the parent global group
  • Global groups from the same domain as the parent global group

Can Be Assigned Permissions In:

  • Any domain

Group Scope Can Be Converted To:

  • Universal (as long as it is not a member of any other global groups)

Universal Group Scope

Use groups with universal scope to consolidate groups that span domains. To do this, add the accounts to groups with global scope, and then nest these groups within groups that have universal scope. When you use this strategy, any membership changes in the groups that have global scope do not affect the groups with universal scope.

Can Include As Members:

  • Accounts from any domain within the forest in which this Universal Group resides
  • Global groups from any domain within the forest in which this Universal Group resides
  • Universal groups from any domain within the forest in which this Universal Group resides

Can Be Assigned Permissions In:

  • Any domain or forest

Group Scope Can Be Converted To:

  • Domain local
  • Global (as long as no other universal groups exist as members)

Pearson Education (InformIT)

The Identity with Windows Server 2016 (Exam 70-742) Course Goes Live!

April 12, 2017 at 3:40 pm

70-742

Start enjoying this course and getting prepared for your MCSA: Windows Server 2016 certification and 70-742 exam! Below are the Nuggets and Hands On Labs available right now as I post this! I am making more Nuggets and Labs every day – I will keep you posted here at the blog as more batches arrive.

  • 1. Course Introduction
    3 min
  • 2. Active Directory Overview and Install
    HANDS ON LAB
    19 min
  • 3. Read-Only Domain Controllers and Removing DCs
    HANDS ON LAB
    17 min
  • 4. Install from Media and Domain Controller Upgrades
    HANDS ON LAB
    13 min
  • 5. Flexible Single Master Operator Roles
    HANDS ON LAB
    15 min
  • 6. Configure Domain Controller Cloning
    15 min
  • 7. Troubleshooting Active Directory Installations
    HANDS ON LAB
    8 min
  • 8. Create, Copy, Configure, and Delete Users and Computers
    HANDS ON LAB
    14 min
  • 9. Automate the Creation of Active Directory Accounts
    HANDS ON LAB
    13 min
  • 10. More Automation and Account Management
    HANDS ON LAB
    11 min
  • 11. Perform Bulk Active Directory Operations
    HANDS ON LAB
    9 min
  • 12. Configure User Rights
    HANDS ON LAB
    5 min
  • 13. Implement Offline Domain Join
    HANDS ON LAB
    4 min

Pearson Education (InformIT)

Windows 10 Creators Update

March 31, 2017 at 10:13 pm

creators

Overview

2016 brought us the Anniversary Update to Windows 10. Now early 2017 brings us the Creators Update. This update targets the creative types, supposedly. I say this because adding 3D Paint to the existing Microsoft Paint application really seems to be the extent of that, and that is pretty lame.

When You Get It

I am testing the update for you here as a Microsoft Insider. You can download the update for yourself on or after April 11, 2017.

The Enhancement

Here is the full list of feature enhancements in this update:

  • Privacy Dashboard – this Web-based interface is now part of your Microsoft account screen online and permits you to control Privacy settings all from one location
  • Game Mode – places Windows into an operational mode that is optimized for games; found in an Xbox icon in settings
  • Paint 3D – a new built in painting app
  • Windows 10 Holographic Shell – this enables VR (particularly the HoloLens) to function with Windows 10 right out of the box
  • Windows Updates improvements – for example, Pro, Enterprise, and Education users can now delay updates for a time period; Home edition users are now the only test candidates! 🙂
  • Dynamic Lock – walk away from your PC and it can dynamically lock; this trick is done using Bluetooth to your phone
  • Cortana improvements – this feature gets smarter all the time of course, most noticeable in this update is the scheduling of monthly reminders; she can also help with Setup now, and will suggest things better as you type
  • E-books – the Windows Store is picking up an e-books section and the Edge Browser now serves as a Reader
  • Edge improvements – tab previews, set-aside tabs, and Microsoft Wallet all arrive in the browser
  • Start menu folders
  • New display settings – including a night mode
  • New Touchpad and Surface Dial settings 
  • Windows Defender improvements 
  • Bug fixes – (duh)

InformIT (Pearson Education)