Question : Important Changes in ADS

Hi,

Can anyone tell me the major changes in Windows 2003 Active Directory, and the tips which can be used in daily use of the console?

Please do not give me links.
Regards
Sharath

Answer : Important Changes in ADS

Well, where to start? Windows Server 2003 is grounded in the same Active Directory structure as Windows 2000, where each domain controller holds a read-write copy of the AD database, relying on multi-master replication to keep everything up-to-date. The Windows 2003 schema is quite different to the Windows 2000 schema and contains about 50% more entries.

In the Windows Server 2003 Active Directory Users & Computers MMC snap-in, you can now move an object from one location in the directory tree to another by using the familiar drag-and-drop method, rather than being forced to right-click the object and select "Move", as was the case in Windows 2000.

You can also now select multiple objects simultaneously for editing or deletion, and save commonly-used queries within the ADUC console window. Although really, if you're going to be working with more than one object at a time, I would recommend that you get out of the MMC console anyway and use command-line tools or scripts to take away some of your administrative burdens.

New command-line tools

Windows Server 2003 includes a number of built-in command-line tools that were not available in Windows 2000, including:

dsadd -- allows you to create objects from the command line
dsmove -- moves an object from one OU or container to another within the same domain
dsrm -- will delete an object from Active Directory
dsquery -- will return an object or list of objects that matches criteria that you specify
dsget -- will return one or more attributes of a particular Active Directory object

These are much more flexible and to a large extent replace the LDIFDE and CSVDE commands (but they are still there if you want them).

Another new feature is the "Install from Media" option for promoting new domain controllers into a domain. In Windows 2000, if you needed to install a domain controller at a remote location, you had to either travel to the remote site to run dcpromo and allow the entire AD database to replicate across a slow (and often expensive) WAN link, or configure the database at your corporate headquarters and then ship the DC to the remote site; this is often an expensive process and one that runs the risk of damaging expensive computer hardware in transit. With the "Install From Media" feature in Windows Server 2003, you can initially populate the Active Directory database using a System State backup from an existing DC, saving you both WAN traffic and shipping costs. For those of us who run extremely decentralized environments

Another significant change, particularly for larger environments, is a replication enhancement called linked-value replication for objects such as Active Directory group objects. In Windows 2000, a group's membership list was replicated as one single block of information. This led to a number of potential problems, such as the following:

Inconsistent replication. Consider this: you have a group called DOMAIN\Finance. From Domain Controller A, you add the jsmith user to the Finance group. What happens if, at precisely the same nanosecond, your junior admin removed the bthomas user from the Finance group while connected to Domain Controller B? Without linked-value replication, this would create a replication conflict, which would either lead to jsmith being added to the group and bthomas not being removed, or vice versa.
Replication delays. In Windows 2000, Microsoft published a size limitation where you could not place more than 5,000 members in a single group object; more than this created significant replication delays since the membership list was replicated as a single block.

Linked-value replication solves these problems by replicating these multi-valued attributes separately. In our first example above, the addition of jsmith and the removal of bthomas would be replicated as two separate transactions, allowing both updates to be applied without causing a replication conflict. In our second example, only the individual changes to the group membership will be replicated, greatly streamlining the replication process and removing the 5000-member limitation on Active Directory groups.

Also included is universal group membership caching, which allows AD to use cached universal group membership credentials if for some reason the global catalog server is unavailable.

The GPUPDATE command has been added and replaces the secedit /refreshpolicy command.

While not strictly AD, there are also improvements to DNS, in particular the introduction of conditional forwarding and stub zones.

Several new tools that work with 2003 AD have also been made available, including GPMC - the Group Policy Management Console - which simplifies creating and applying group policies and provides graphical tools for group policy modeling and resultant set of policy determination.

Domain rename tools have also been developed to allow existing Windows 2003 domains to be renamed with minimal effort.
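
The Finance group conflict described in the answer, modelled in Python as an added example that is not part of the original answer: it compares replicating the member list as one block with replicating each member link on its own. The stamp tuple, the "higher stamp wins" rule and the extra member alice are simplifying assumptions, not the exact Active Directory algorithm.

```python
# Simplified model (assumption): every change carries a stamp (version, time, dc)
# and the higher stamp wins a conflict. Names and stamps are constructed samples.

def whole_attribute_merge(a, b):
    """Windows 2000 style: the member list is one value; the higher stamp wins it all."""
    return set(max(a, b, key=lambda r: r["stamp"])["members"])

def linked_value_merge(a, b):
    """Linked-value style: each member link has its own stamp and is merged alone."""
    merged = {}
    for replica in (a, b):
        for member, (present, stamp) in replica.items():
            if member not in merged or stamp > merged[member][1]:
                merged[member] = (present, stamp)
    return {m for m, (present, _) in merged.items() if present}

BASE = (1, 100, "DC-A")  # stamp of the original Finance membership

def simulate():
    start = {"alice", "bthomas"}
    # Whole-attribute replicas: both DCs write version 2 of the same attribute.
    dc_a = {"members": start | {"jsmith"}, "stamp": (2, 200, "DC-A")}
    dc_b = {"members": start - {"bthomas"}, "stamp": (2, 200, "DC-B")}
    legacy = whole_attribute_merge(dc_a, dc_b)

    # Linked-value replicas: only the touched link gets a new stamp.
    lv_a = {m: (True, BASE) for m in start}
    lv_a["jsmith"] = (True, (1, 200, "DC-A"))     # link added on DC A
    lv_b = {m: (True, BASE) for m in start}
    lv_b["bthomas"] = (False, (2, 200, "DC-B"))   # link marked absent on DC B
    lvr = linked_value_merge(lv_a, lv_b)
    return legacy, lvr

if __name__ == "__main__":
    legacy, lvr = simulate()
    print("whole-attribute result:", sorted(legacy))
    print("linked-value result:  ", sorted(lvr))
    # The access-control question an admin cares about: did both changes land?
    print("jsmith missing after legacy merge:", "jsmith" not in legacy)
```

With the constructed stamps, the whole-attribute merge keeps only DC B's list, so the jsmith addition is silently lost; swapping the stamps loses the bthomas removal instead, which leaves a user in a group an administrator believed they had been removed from.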