- The Windows 2000\XP\.NET Resource Index
Home | About Us | Search


Windows 2003
Windows 2000
Windows XP

Virtual Server 2005 R2

SQL Server 2005

Book Reviews
Career Tools
Job Board
Hardware Guides
MCSE Toolkit
User Groups






Active Directory

Welcome to the Active Directory section of Labmice! Here you'll find a list of 25 of the editors' favorite Microsoft links to help you with various AD-related tasks. From AD scripting to AD migrations, from domain renames to metadirectory deployments, there's quite a bit here to send you down the right track.
Installation and configuration

Best Practice Guide for Security Windows Server Active Directory Installations  
Best practices for securing Windows Server 2003 domain controllers and establishing secure administration procedures.

How to verify an Active Directory installation in Windows Server 2003  
After you have run dcpromo on a member server, you can verify its promotion to domain controller status by verifying a number of items.

How to configure Active Directory diagnostic event logging in Windows Server  
By default, Active Directory records only critical events and error events in the Directory Service log. To configure Active Directory to record other events, you must increase the logging level by editing the registry.

Management and administration

Step-by-Step Guide to Bulk Import and Export to Active Directory 
A Technet tutorial that introduces you to using LDIFDE and VBScript to import and export information from Active Directory.

Best Practices for Delegating Active Directory Administration 
This white paper remains the definitive guide to the concepts and best practices involved in delegating authority over some or all of your Active Directory environment.

Running Domain Controllers in Virtual Server 2005 
Provides best practices and recommendations for running domain controllers on Virtual Server 2005, both for test and pilot environments as well as for production use.

Active Directory LDAP compliance 
Discusses the LDAP specification, and how the implementation of AD adheres to the LDAP RFCs.

How to use NTDSUTIL to manage Active Directory files from the command line in Windows Server 2003 
This step-by-step article describes how to manage the Active Directory database file, Ntds.dit, from the command line.

How to audit Active Directory objects in Windows Server 2003  
This step-by-step article describes how to use Windows Server 2003 auditing to track user activities and system-wide events in Active Directory.

How to restore deleted user accounts and their group memberships in Active Directory 
Restoring deleted users and groups can produce inconsistent results because of the way group information is stored in Active Directory. This link discusses ways to restore this information properly.

Useful shelf life of a system-state backup of Active Directory 
Discusses how the tombstone lifetime in Active Directory affects the useful lifetime of an Active Directory system state backup.

Active Directory Application Mode (ADAM) 
Discusses Active Directory Application Mode (ADAM), which is a directory service that allows you to extend the capacity of AD to store application information.

Introduction to Active Directory Federation Services  
This white paper introduces Active Directory Federation Services (ADFS), a next-generation information security infrastructure designed to help IT professionals extend internal applications to external users.

How to remove data in Active Directory after an unsuccessful domain controller demotion  
A frequently-asked question in many newsgroups and forum this will walk you step-by-step through the process of cleaning up the AD database after a DC has failed for some reason.

Active Directory Branch Office Guide  
Checklists, best practices and tools to allow you to safely and securely deploy domain controllers to remote branch office sites, separate from a centralized data center.

Active Directory Operations Guide  


Restricting Active Directory Replication Traffic to a specific port 
By default, Active Directory replication over RPC (Remote Procedure Calls) takes place dynamically over any available port via the RPC Endpoint Mapper (RPCSS). You can override this functionality and specify the port that all replication traffic passes through, thereby locking the port down.

FSMO placement and optimization on Active Directory domain controllers  
Active Directory domain controllers support multi-master updates for the replication of objects (such as user and computer accounts) in the Active Directory. In a multi-master model, objects and their properties can originate on any domain controller in the domain and become "authoritative" with replication. This article describes the placement of Active Directory Flexible Single-Master (FSMO) roles in the domain and forest.

Tools and downloads

Active Directory Migration Tool v3.0 
The latest version of the AD Migration Tool, which is a wonderful free tool to migrate users, groups, file shares, and other objects from one AD domain to another.

Windows Server 2003 Active Directory Domain Rename Tools  
While the domain rename process has been greatly simplified in Windows Server 2003, it still requires research and planning to perform successfully. This URL provides tools and white papers to walk you through the process.

Identity Integration Feature Pack for Windows Server Active Directory 
IIFP is a free download that will allow you to synchronize directory information and configure account provisioning between AD, ADAM, Exchange 2000 and Exchange 2003.


Active Directory: Learn the Basics and Master Advanced Concepts  
A series of Technet webcasts covering a number of AD topics, including replication fundamentals, best practices, and executive-level topics.

Automating Administration of Windows Server 2003 
Links to several webcasts, including one on automating Active Directory administration through the use of command-line tools.

Microsoft Windows Server 2003 DNS Integration with Active Directory 
A support webcast covering the DNS installation and configuration process, as well as AD/DNS configuration and integration, particularly in federated forests.

Technet Support Webcast Troubleshooting Active Directory replication using the Repadmin tool 
Describes the use of repadmin in troubleshooting Active Directory replication. Repadmin is one of the most useful tools an AD administrator has access to; understanding how to use it is critical when it comes time to troubleshoot.

Dell Business Weekly Promo

Entire contents
© 1999
All rights reserved

This site and its contents are Copyright 1999-2003 by Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with The products referenced in this site are provided by parties other than makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.