ESI Active Directory Configuration Essay Example | Topics and Well Written Essays - 1250 words

ESI Active Directory Configuration - Essay Example It is time to design its new Active Directory and to define the corresponding policies. Top View or Forest ESI will have a single domain AD forest with centralized authentication and authorization. Security boundaries and specifications will be defined starting with the urgent requirements that will prevent cybercrime from forcing the entire network to start from scratch. The strategy of developing with precaution will allow all the officers and employees to become familiar with the actual implementation, without experiencing too much security threats from external sources.. First of all, the AD DS will be installed in Microsoft Windows Server 2008. Due to the rapid expansion of business operations, the aim will be to have three (3) Domain Controllers. This is to take the least probability of having to recover from backup files in case of technical troubles somewhere in the system. All branches will be connected by a single DNS name. Thus, from the Central Office of ESI.com, each bra nch will have a subdomain that employees can access after passing security authentication. Illustrated with a diagram below are the Servers /.Controllers and that the branches will access daily to be connected to a Single Forest, Single Domain startup design. (Rommel, Florian 2009a). All branches will access the server via Internet, more specifically by logging into the domain ESI.com. However, these servers can only share software but not printers and other devices that are within the branch vicinity. These are the three (3) controllers or servers for the entire network. One will serve as automatic backup. The 3rd should backup only after internal audit has double checked the active or real time backup data. For security purposes, the three servers will be located in a well-guarded, fireproof, temperature-controlled offices near the top 10 most trustworthy Executives. and where calamity cannot destroy them. Furthermore, one of them will be under daily audit by the IT Security Depar tment. Servers will then link all the branches nationwide so that their computer work stations can share in the use of resources found in the centralized server. Note that only one server is mentioned because the other two are backup servers wherein one backup is most protected. It is foreseen that eventually, each branch will have to maintain a server of its own to handle activities that do not need to be strictly secured. â€Å"The AD DS role is what enables the server to act as Domain Controller.† says the System Administrator (2012). But the AD DS should first be installed. In Windows Server 2008, open Server Manager from the Quick Launch Toolbar icon, or by going to Administrative Tools.The next steps are as follows: Click â€Å"Roles† > â€Å"Add Roles† > Next > â€Å"Select Server Roles†> Click on Active Directory Domain Services.> Next> Confirm Selected Roles Installation> Wait for Installation Success> Doublecheck if AD DS got installed by going back to Server Manager. See Figure 2, 3 under Appendix. Once AD DS has been installed in Windows Server 2008, run DCPROMO as follows: Run> dcpromo > OK > Welcome to Active Directory Domain Services Installation Wizard > Next > Open system Compatibility > Next > Choose a Deployment Configuration > Select Create a New Domain > Be sure to type the exact Fully Qualified Domain Name (FQDN)., e.g. ESI.com > Set the Forest Functional Level. > Select additional Domain Controller Options by placing a check mark on the DNS Server.> Select DHCP > Continue until AD DS Installation is complete. When asked for a Directory Service Restore Mode Administrator Password, be sure to â€Å"control† and keep the password in writing for the time when the system might