Author: Neftaly Malatjie

  • 114054 LG 1.21 INTRODUCTION

      • In computing, a directory service or name service maps the names of network resources to their respective network addresses. It is a shared information infrastructure for locating, managing, administering and organizing everyday items and network resources, which can include volumes, folders, files, printers, users, groups, devices, telephone numbers and other objects. A directory service is a critical component of a network operating system. A directory server is a server which provides such a service. Each resource on the network is considered an object by the directory server. Information about a particular resource is stored as a collection of attributes associated with that resource or object.

        A directory service defines a namespace for the network. The namespace is used to assign a “name” (unique identifier) to each of the objects. Directories typically have a set of rules determining how network resources are named and identified, which usually includes a requirement that the identifiers be unique and unambiguous. When using a directory service, a user does not have to remember the physical address of a network resource; providing a name locates the resource. Some directory services include access control provisions, limiting the availability of directory information to authorized users.


  • 114054 LG 1.20 SESSION 2: SETTING UP A DIRECTORY

      • On completion of this section you will be able to set up a directory service infrastructure for a local area computer network. 

      • Directory mappings to IP addresses are created and deleted according to manufacturer's recommendations and specified organisation requirements. 
      • Directory mapping documentation is completed according to specified organisation requirements. 

  • 114054 LG 1.19 COMPLETING ACCESS DOCUMENTATION

      • User access documentation must be prepared. Many network administrators ignore network documentation. The usual reasons: “I don’t have time”, “I know it’s useful, but I don’t know how to do that”, “Other people should do that”. In practice, no network works flawlessly. Errors can have different causes and can appear at any time. You don’t want to reach the point where you cannot sleep because you don’t understand how to solve a problem while users need to work without delays.

        Remember the following when creating access documentation:

        Work out the format. If you are creating network documentation from scratch, you probably already understand why it is necessary and useful. You need to establish the format in which you will store the documentation, and decide who will work on it, access it and update it. Most organisations have a set format for completing user documents.

        Think about what information you need to collect in that documentation. Suggestions: the number of physical locations (where your company works); how those locations are connected (wireless, wired); the number of routers, switches, firewalls and servers in each location (with passwords, types of operating systems, update management, types of hardware, types of RAID, period of guarantee offered by vendors for hardware and software, rules in firewall); a contact list of the people responsible for administration and the help desk; a contact list of the companies that offer support for hardware and software; documented and tested procedures for disaster / recovery scenarios; places to store backups (on site and off site); and procedures for trial restores. You must understand how your network works in order to establish what information will help you when trouble arises.


  • 114054 LG 1.18 PowerShell

      • To open the Active Directory module for Windows PowerShell in Windows Server 2012, open Server Manager, click Tools and then click Active Directory Module for Windows PowerShell.


  • 114054 LG 1.17 Additional considerations

    • To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or Enterprise Admins group in AD DS, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. 
    • After a user account has been deleted, all permissions and memberships that are associated with that user account are permanently deleted. Because the SID for each account is unique, a new user account with the same name as a previously deleted user account does not automatically assume the permissions and memberships of the previously deleted account. If you want to duplicate a deleted user account, you must recreate all permissions and memberships manually.
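
    The following PowerShell sketch is an added example, not part of the original learner guide. It records a user's SID and group memberships before deletion so they can be recreated manually, and shows that a same-named replacement account receives a different SID. The account name `jdoe`, the display name and the report path are hypothetical.

```powershell
# Added example. Requires the Active Directory module and the group
# membership or delegated rights described above.
Import-Module ActiveDirectory

# Hypothetical values for illustration only.
$SamAccountName = 'jdoe'
$ReportPath     = 'C:\AdminDocs\jdoe-access-record.csv'

# 1. While the account still exists, capture its SID and group memberships.
$old    = Get-ADUser -Identity $SamAccountName
$groups = Get-ADPrincipalGroupMembership -Identity $old

$groups |
    Select-Object @{n = 'User';    e = { $old.SamAccountName }},
                  @{n = 'UserSID'; e = { $old.SID.Value }},
                  @{n = 'Group';   e = { $_.Name }},
                  @{n = 'GroupDN'; e = { $_.DistinguishedName }} |
    Export-Csv -Path $ReportPath -NoTypeInformation

# 2. Delete the account; -Confirm makes the prompt explicit.
Remove-ADUser -Identity $old -Confirm

# 3. A replacement with the same name is a new security principal.
#    New-ADUser without a password creates the account disabled.
$new = New-ADUser -Name 'John Doe' -SamAccountName $SamAccountName -PassThru
"Old SID: $($old.SID.Value)"
"New SID: $($new.SID.Value)"   # differs, so nothing is inherited

# 4. Recreate group memberships from the saved record. The default primary
#    group (named 'Domain Users' on English-language domains) is skipped
#    because the new account already belongs to it.
Import-Csv -Path $ReportPath |
    Where-Object Group -ne 'Domain Users' |
    ForEach-Object { Add-ADGroupMember -Identity $_.GroupDN -Members $new }

# Permissions granted directly to the old SID (for example in file or share
# ACLs) are not captured by this record and must be reassigned separately.
```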

    You can also perform the task in this procedure by using the Active Directory module for Windows PowerShell. To open the Active Directory module, click Start, click Administrative Tools, and then click Active Directory