Active Directory Support for Windows Server
Windows Active Directory requires experience to configure efficiently across an enterprise. Progent’s Microsoft certified consultants are experts in designing, deploying and troubleshooting complex Microsoft Active Directory (Microsoft AD) installations. Areas of expertise include:
Active Directory Support for Windows Server 2008
- Progent's Microsoft-certified consultants have extensive experience troubleshooting complex Active Directory issues such as replication problems, multi-domain partition configurations, corrupted AD objects, clean-up of legacy beta software configuration objects in production AD environment, and repair of failed installations of AD and AD-integrated applications. Progent is also skilled in using “expert only” AD tools such as ADSIEDIT, NTDSUTIL, DCDIAG and NETDIAG.
- Progent offers expertise in designing an enterprise Active Directory environment with multiple locations and can deliver fast, efficient solutions for fault tolerant architecture, placement of servers and services, and AD server roles.
- Progent can design and implement an optimal DNS configuration that correctly handles internal, external and remote users.
- To save clients the cost of expensive reconfigurations that may be required as a result of poor initial decisions, Progent can help make key early decisions concerning Active Directory naming standards, hierarchical model, IT management structure, utilization and structure of group policy objects, plus security and auditing definitions. Progent can also anticipate the impacts of server and service configurations on functionality and performance.
- Progent can provide assistance in developing and deploying group policy security models that can save significant support resources by effectively controlling the ability of users to make configuration changes.
- To maximize system robustness and availability, Progent's engineers can help create an Active Directory architecture and provide expert implementation that features enterprise class redundancy, fault tolerance, effective data protection systems, and seamless disaster recovery.
- Progent's consultants have experience with a broad variety of scenarios involving Active Directory migrations from legacy NT domain environments, including upgrading of existing NT domains, “fresh” AD domain migrations, collapsing of multiple domains into a single domain, and creation of sub-domain or multi-domain environments.
- To create a unified directory structure, Progent can help migrate/merge earlier versions of Exchange into an existing Windows Active Directory system.
- In order to avoid disruptions in productivity, Progent can perform seamless multi-site/multi-server Active Directory migrations that are transparent to users.
- Progent can diagnose and resolve complex problems concerning workstation and server authentication in an Active Directory environment.
- The specialists in Progent's Experts Team can implement and support applications integrated with Active Directory by providing Microsoft Exchange 2016 planning and deployment, Exchange Server 2013 integration, Microsoft Exchange Server 2010 consulting, Exchange Server 2003 migration support, Forefront Threat Management Gateway integration, Microsoft ISA Server support, System Center Configuration Manager planning and integration assistance, and Cisco Unified Communications Manager/CallManager expertise.
- Progent can help architect, plan and mange the migration/merging of an acquired entities Active Directory environment into a single AD structure.
- Progent has world-class expertise implementing and configuring Microsoft Operations Manager to monitor the health and operations of a complex Active Directory environment.
- For enhanced security, Progent can provide assistance designing enterprise-wide security policies and procedures and work with Active Directory configuration to implement such policies.
Windows Server 2008 adds important new or enhanced services to Active Directory. New or improved services and their key features include:
Active Directory Domain Services
These services are an enhanced and renamed version of AD Directory Services. Active Directory Domain Services centralize configuration data, authentication requests, and information about all stored objects. This allows convenient, centralized management of directory-enabled objects. Windows Server 2008 enhancements to Active Directory Domain Services include:
Active Directory Lightweight Directory Services
- Auditing improvements
- Fine-grained passwords for more versatile password policies
- A Read-only Domain Controller for environments with marginal security
- Restartable Active Directory Domain Services makes maintenance less disruptive
These services are an enhanced and renamed version of Active Directory Application Mode. Active Directory Lightweight Directory Services (AD LDS) provides an alternative database to store directory-enabled application data, which would otherwise be stored on the AD Domain Services database. By allowing you to keep the security account database on a separate location from the application configuration and directory data, you can streamline replication, simplify the Active Directory schema, and partition the directory structure so that AD LDS services is deployed only to relevant application servers. Windows Server 2008 enhancements to Active Directory Lightweight Directory Services include:
Active Directory Certificate Services
- Install from Media Generation facilitates the creation of installment disks
- Auditing of changes within the directory service
- Database Mounting Tool lets you view snapshots of database information
- Active Directory Sites and Services Support simplifies management of AD LDS replication
- Dynamic List of LDIF files simplifies setting up an AD LDS server
- Recursive Linked-Attribute Queries can follow nested attribute links do find additional properties
These services store the certificates and private keys of people, devices, or services, helping to protect the identity and centralizing access to this information for authorized applications. Enhancements to Active Directory Certificate Services include:
Active Directory Federation Services
- Enrollment Agent Templates can delegate enrollment agents on a per-temple basis
- Integrated Simple Certificate Enrollment Protocol (SCEP) allows certificates to be issued to network appliances such as routers
- An Online Responder reduces network traffic when clients validate certificates
- Enterprise PKI (PKI View) is a new management tool that facilitates the management of Certification Authority (CA) hierarchies
These identity access services help authenticate users from partner organizations and make it easier to integrate trusted and untrusted domain resources. Enhancements to Active Directory Federation Services include:
Active Directory Rights Management Services
- Availability As an Integrated Server Role allows Active Directory Federation Services to be managed via Server Manager
- Integration with Microsoft Office SharePoint Server 2007 supports a single sign-in
- Integration with Active Directory Rights Management Services (AD RMS) eliminates the need for AD RMS to be installed in both organizations
- Improved Administration makes it easier for both organizations to configure trust information
These services identify which users have rights to a file and specifies what those rights are (e.g., open, modify, print, forward, etc.). This helps protect data that is distributed to environments that you do not control. Enhancements to Active Directory Rights Management Services include:
How Progent Can Help You with Active Directory
- Application Support allows you to install the Active Directory Rights Management Services client on other Windows operating systems.
- Persistent Protection keeps your content secure even when it is outside your network environment
- Usage Policy Templates makes it easy to set usage rights for files with the same rights
Progent's Microsoft-certified consultants offer expertise in the design, deployment, and support of Active Directory solutions for Windows Server 2012 R2 and Windows Server 2008. Progent can also provide Cisco-certified network infrastructure engineers to help you enhance the efficiency and dependability of your wide area network infrastructure. In addition, Progent's CISA, CISM, GIAC, and CISSP certified security professionals can evaluate and test your enterprise-wide security and compliance and recommend improvements appropriate for large-scale, multi-site environments. If you are looking for expert help in designing, deploying or troubleshooting complex Active Directory installations, call Progent at 800-993-9400 or visit Contact Progent.