123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Business >> View Article

The Object Permission Structure In Active Directory

Profile Picture
By Author: Shirley Green
Total Articles: 129
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

The object permission structure for Active Directory has many similarities with that of the MCSE 2003 exams file system. Objects are arranged in a hierarchical structure, and permission inheritance can be managed to ensure the propagation of permissions throughout a section of the structure or to prevent inheritance by sensitive objects. Like files, folders, and registry keys, Active Directory objects have their own unique permission sets. There are two differences between Active Directory objects and the other objects that can be protected by permissions:
There are many Active Directory object types, and each type has some permissions common with all other object types and its own set of unique permissions.
To the Active Directory, all activity is seen as a matter of access, and all management over this activity is seen as access control. It's as if rights have become permissions. Some permissions available for Active Directory objects can be leveraged to provide granular control over whole categories or divisions of the Active Directory infrastructure.

The permissions ...
... that are available for each object in Active Directory and their default settings are defined in the free Microsoft certification exam questions schema in the Active Directory Schema. It would be impossible to list all of them in this book; indeed, there does not seem to be a publicly available comprehensive list of all possible permissions. Nor is there any guide that might help you determine the exact impact of every possible set of permissions. And there might never be. However, you can investigate and learn about the major permission sets and then use them to gain a security advantage.

You can also plan and undertake management of Active Directory objects by using the permissions that you do understand. You can delegate administration of Active Directory objects by assigning permissions at the container or object level. However, best practices dictate that you should do so at the container level in most cases. For example, for delegation of authority at the object level look at the discussion on securing a Certification Authority in Chapter 2. In that case, you assign administration of a single CA by assigning permissions on that CA object. For an example of delegating authority at the container level, see the following free practice exams for MCTS discussion of managing OUs.

Total Views: 494Word Count: 380See All articles From Author

Add Comment

Business Articles

1. Etsy Data Scraping Api — Real-time Listing, Shop & Sales Data | Real Data Api
Author: Acto96

2. Simple Guide To Takshak, Mahapadma And Vasuki Kaal Sarp Dosh
Author: Pandit Rakesh Guruji

3. Replace Spreadsheet-based Processes With Erp Supply Chain Software
Author: emathew

4. Kaal Sarp Dosh Effects On Career With Nivaran Procedure Guide
Author: Vidyanand Guruji

5. Kayali Perfume For Everyday Confidence And Style
Author: Kayali perfume

6. Difference Between 2 Bhk And 3 Bhk: Which Is Better?
Author: Dharmendra

7. How Ai Is Changing Search Engine Optimization
Author: bharathi

8. Benefits Of Professional Mosquito Control Services In Chennai
Author: Nandini

9. Comparing Bond Types Based On Risk And Return Potential
Author: Ravi Fernandes

10. How Winter Weather Causes Hidden Damage To Commercial Buildings
Author: Michael

11. Target Data Scraping Api — Real-time Product, Price & Store Inventory Data | Real Data Api
Author: Acto96

12. Cleaning Solutions For Airports, Metro Stations, And Large Facilities
Author: Steve Smith

13. Monel 400 Scrap Exporters In Mumbai
Author: Akshit shah

14. Chromium Carbide Plates Manufacturers In India
Author: Mukesh Chhajed

15. Kaal Sarp Puja In Nashik – Simple Guide, Benefits And Trimbakeshwar Puja
Author: Devansh Guruji

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: