Microsoft Active Directory as an Enterprise Wide IT Security Solution
by Chris Sobeck
When it comes to enterprise wide security, organizations must protect their sensitive information where necessary. Microsoft Active Directory Domain Services provides a solution just for this. In a Windows based server environment, more specifically Windows Server 2008 and 2003 versions, you can promote the file server to a domain controller. When a windows based server is promoted to a domain controller it can provide access and secure network resource based solutions. First the server must be a DNS Server. A DNS (Domain Name System) server is setup so that the local domain name can be broadcast over the LAN (Local Area Network) that workstations use. When the DNS service is running, any client that is connected to the DNS server’s LAN, will pick up the broadcast. Workstations will know of the domain name server but in no way will they be able to access its resources until they are trusted in the domain. This means that a client must be registered by an Active Directory Systems Administrator. Once the workstation is trusted in the domain, resources and file access can be distributed based on GPO’s (Group Policy Objects). For example, who is logged in or what computer is allowed? So, it is possible to block new workstations from picking up any secure resource from the file server. It also controls resources such as; networked printers, IP addresses, application access rights, website domain access white-lists and more. All in all this seems to be a robust and affordable solution for businesses and corporate enterprises, especially when most of them run a Windows Server environment already. There is no extra charge to promote any server to a domain controller. Following the article, please check out my tutorials for setting up and securing your Active Directory environment.
about the author
More about Chris Sobeck:
A founding member of Security Mecca that believes that the best way we can support America's network infrastructure is to generate awareness. Striving to be a future IT Manager for a Fortune 500 corporation, Chris is now studying at Western Michigan University. Chris' specific areas of expertise is IT Consulting and Web Design.
questions or comments?
If you have any questions or comments about this article, feel free to contact us!