Upload
terah
View
46
Download
2
Embed Size (px)
DESCRIPTION
Администрирование информационных систем. Группы безопасности Управление пользователями. Учетная запись. Для управления пользователями в MS Windows используется понятие учетной записи . - PowerPoint PPT Presentation
Citation preview
MS Windows . Active Directory , , . : , , . Active Directory, . WindowsXP Professional Windows Server2003 . Windows Server2003 Active Directory .
( ) . , (SID) . , , . . Windows , .
: . , . . . . , , . . Active Directory . , .
: ; ;/ ; . Windows 2003 Active Directory dsadd user.
Windows dsadd userdsadd user "CN= , CN=Users, DC=UFO, DC=ROSNOU, DC=RU" :- pwd ;- mail - mustchpwd yes|no - canchpwd yes|no - disabled yes|no
:dsmod user dsrm user Active Directorydsmove user dsquery user Active Directory dsget user
, , :net user /domain net user /add /domain net user /domain net user /delete /domain net accounts (. ..)
. : ; ; . Active Directory : ; ; .
, . . , . , . , , , .
Active Directory Active Directory . Users . . . , .
Active Directory:dsadd group dsmod group dsrm Active Directorydsquery group Active Directory dsget group net:net group /add /domainnet group /delete /domainnet localgroup /add /domainnet localgroup /delete /domain
( OU) . . Active Directory . , Active Directory OU, :dsadd ou ou=434,dc=ufo,dc=rosnou, dc=ru
, Active Directory . . , , Active Directory , ., :net computer \\comp /addnet computer \\comp /delete .
, . Active Directory :csvde Active Directory , CSV (comma-separated value). , CSV. ldifde , . , Windows Server2003 WindowsXP Professional. Ldifde , Active Directory Active Directory .
Active Directory X.500 OSI 1988 . , X.500.Lightweight Directory Access Protocol (LDAP) , Active Directory. , X.500- , . , .
Active Directory Active Directory : ? ? ?
, Windows, Kerberos. (ACL). Active Directory , .
Kerberos Kerberos , , . Kerberos , , . S, C Kerberos K , () . K , , . C S. S , , . , . .
, , . : (DACL) , . ; (SACL) , . : , , .
Windows , , . , , Windows . , NTFS.
:cacls _ [/t] [/e [/r [...]]] [/c] [/g :] [/p : [...]] [/d [...]]:_ . (DACL) . /t (DACL) . /e (DACL) . /r . /e. /c (DACL) . /g : . . n - r - w - c - () f - /p : .n - r - w - c - () f - /d .
Active Directory, , , . . , , , , , Internet Explorer. (GPO). GPO Active Directory; , ; GPO Active Directory. GPO . (GPMC).
.
(Security Templates) , . , . mmc, , . (GPO) Active Directory. GPO GPO, .
Windows 2003 :Setup security DC security Compatws , Securews Windows 2000 XP.Hisecws HisecDC Windows 2000, 2003. , , . : __\Security\Templates
(Setup security.inf) Setup security.inf . , , . Setup security.inf , , , . - -, . . Setup security.inf . , . . Secedit, .
(DC security.inf) . , , . , , , . Secedit.
(Compatws.inf) : , . , , , , :, ; , ., , , , , , . . , , , .
(Secure*.inf) . , . , , . , LANManager NTLM NTLMv2, . . ( , ) . . SID- -SID. SMB , . SMB , , .
Windows . , . (.inf-) (.sdb-). :secedit secedit /analyze secedit /configure secedit /export secedit /import secedit /validate secedit /GenerateRollback