EXERCISE 1.02.E XERCISE 1.02C REATING G ROUPS WITH A CTIVE D IRECTORYU...

Question

271_70-292_01.qxd 8/21/03 12:40 PM Page 25Managing Users, Computers, and Groups • Chapter 1 25About DACLsA DACL is an internal listing that is attached to files, folders, and other directoryservices objects on volumes that are formatted with the NTFS file system. DACLs areconfigured by administrators and used to specify which users and/or groups areallowed to perform different actions on the file, folder, or object in question. Theimplementation of a DACL varies from files and folders to other objects due to thespecific requirements of other objects. For example, files and folders have the Readaccess permission, but printers do not.Each DACL is made up of Access Control Entries (ACEs). Each ACE specifies thesecurity identifier (SID) of the security principal (user or group) that it applies to aswell as the level of access to the file, folder, or object that is permitted for that spe-Head of the Class...cific security principal.Group type conversions can also be performed from the command-line using the dsmodcommand.The syntax required to perform the conversion is as follows:dsmod group GroupDN [-secgrp {yes | no}] Again, the function of the switches are self-explanatory as they represent the distin-guished name of the group to be converted and the type of group conversion being made.Appendix A contains a complete listing of the dsmod command and its switches.Figure 1.17 demonstrates using the dsmod command twice, first to convert a distribu-tion group into a security group and then back into a distribution group using the fol-lowing commands:dsmod group &#34;CN=Arizona Sales Division,DC=corp,DC=mcsaworld,DC=com&#34; -secgrp yesdsmod group &#34;CN=Arizona Sales Division,DC=corp,DC=mcsaworld,DC=com&#34; -secgrp noFigure 1.17  Converting the Group Type from the Command-LineA check of the group type from the General tab will confirm that the change hasbeen made.You will not receive any warning dialogs when converting the group type fromthe command-line.https://traloihay.net

EXERCISE 1.02.E XERCISE 1.02C REATING G ROUPS WITH A CTIVE D IRECTORYU...

About DACLs

A DACL is an internal listing that is attached to files, folders, and other directory

services objects on volumes that are formatted with the NTFS file system. DACLs are

configured by administrators and used to specify which users and/or groups are

allowed to perform different actions on the file, folder, or object in question. The

implementation of a DACL varies from files and folders to other objects due to the

specific requirements of other objects. For example, files and folders have the Read

access permission, but printers do not.

Each DACL is made up of Access Control Entries (ACEs). Each ACE specifies the

security identifier (SID) of the security principal (user or group) that it applies to as

well as the level of access to the file, folder, or object that is permitted for that spe-

Head of the Class...

cific security principal.

Group type conversions can also be performed from the command-line using the dsmod

command.The syntax required to perform the conversion is as follows:

Again, the function of the switches are self-explanatory as they represent the distin-

guished name of the group to be converted and the type of group conversion being made.

Appendix A contains a complete listing of the dsmod command and its switches.

Figure 1.17 demonstrates using the dsmod command twice, first to convert a distribu-

tion group into a security group and then back into a distribution group using the fol-

lowing commands:

Figure 1.17 Converting the Group Type from the Command-Line

A check of the group type from the General tab will confirm that the change has

been made.You will not receive any warning dialogs when converting the group type from

the command-line.

https://traloihay.net

Bạn đang xem 271_ - MCSA MCSE EXAM 70 292 STUDY GUIDE PHẦN 1 PPTX