- We will create the top level OU (UNIX) in our Active Directory and we'll delegate control to the UNIX administrator
- We will create the SubOUs (Licenses, Zones, Roles, UNIX Groups, Servers and Computer Groups)
- We will create the AD Security Groups for Roles and Computer Groups
- Log on to CLIENT1 with Bryant Wheeler (Windows Administrator)
- Press Start-All Programs-Administrative Tools and click Active Directory Users and Computers (ADUC)
- On the left pane, right click the corp.contoso.com domain, select New-Organizational Unit
- Name it UNIX and Press OK
- In the View Menu, select Advanced Features (this enables the Security tab)
- Right-click the UNIX OU and select properties. Go to the Security tab and click the Advanced button
- In the Permissions tab, click Add. In the Object name box, type Jessie.Matthews and click check names (this resolves the name) press OK.
- In the permission entry Window, check the Full Control box under the Allow column, and press OK 3 times.
- Close ADUC and log off CLIENT1
Create the SubOUs (Licenses, Zones, Roles, UNIX Groups, Servers and Computer Groups)
- Log on to CLIENT1 with Jessie Matthews (UNIX Administrator)
- Press Start-All Programs-Administrative Tools and click Active Directory Users and Computers (ADUC)
- On the left pane, expand the corp.contoso.com domain, click the UNIX ou select New-Organizational Unit
- Name it Licenses and press OK. Repeat the same steps for these OUs:
Licenses: container to store the Centrify license object (already created)
Zones: zones are like folders that hold systems, users, groups and authorization data.
Servers: to store the computer objects and to link the OU.
Roles: to store the AD security groups that will be assigned roles
UNIX groups: to store the AD security groups that will map to UNIX groups
Computer Groups: to store the AD security groups that will group systems.
Create the AD Security Groups for Roles and Computer Groups
Create the AD Security Groups for Roles and Computer Groups
- Right-click the Roles OU (under UNIX) and select New-Group.
- Name it UNIX Super Users and press OK.
- Right-click the Roles OU (under UNIX) and select New-Group.
- Name it UNIX Regular Users and press OK.
- Right-click the Computer Groups OU (under UNIX) and select New-Group.
- Name it UNIX Database Servers and press OK.
- Right-click the Computer Groups OU (under UNIX) and select New-Group.
- Name it UNIX Web Servers and press OK.
No comments:
Post a Comment