MCSE Designing a Windows Server 2003 Active Directory and Network Infrastructure: Exam 70-297 Study Guide

Standardization provides consistency and predictability in design.
Standards may exist enterprisewide, forestwide, or domainwide.
Object naming is the most commonly standardized item.
Forest designs must provide for service autonomy, service isolation, data autonomy, and/or data isolation.
Organizational forest, resource forest, and restricted access forest models are used to accommodate autonomy and isolation requirements.
Available bandwidth and the number of users in the organization will determine whether a single domain or multiple domains will be required.
From weakest to strongest, LAN Manager, NTLM v1, NTLM v2, and Kerberos authentication are all authentication mechanisms supported by Windows Server 2003.
Four trust types are available:
External trusts nontransitive trusts providing either one-way or two-way trust
Realm trusts transitive or nontransitive trusts providing either one-way or two-way trust
Forest trusts transitive trusts providing one-way or two-way trust
Shortcut trusts transitive trusts providing one-way or two-way trust
Transitive, two-way trusts are created by default between all domains in the same forest.
OUs are created to delegate administrative tasks, to create divisions of users with dissimilar policy requirements, and to simplify resource administration.
Delegate by function, geography, or object type (or a hybrid thereof).
OU owners are responsible for account management, workstation and member server management, and delegation of authority within their assigned OU(s).
Group Policy implementation follows an inheritance structure whereby subcontainers (or child containers) inherit the policies of their...