Active Directory Active Directory was one of the most significant features added to Windows 2000 Server, but like most new technologies, it had a few annoying limitations that made management somewhat difficult for IT managers. In Windows Server 2003, Microsoft has added several interesting enhancements that should ease management of Active Directories. On a user interface side, Active Directory management consoles now allow administrators to select multiple objects and modify them at the same time. In tests, we could click on several users and change their attributes with one quick command. In the past, we would have had to do each individually.One of the most important enhancements made in Active Directory for Windows Server 2003 is the ability to rename a domain without going through the tedious process of demoting and promoting a domain controller with a new name. The domain rename tool (called the netdom command) is a simple command-line utility that we found relatively easy to use during rename processes. Unfortunately for Exchange administrators, domains that have an Exchange 2000 server present cannot currently be renamed. Replication has been made a bit more intelligent in Windows Server 2003s Active Directory. In the past, when a change was made to a member of a group, the entire group had to replicate the change. This made replications a traffic nightmare for IT managers with large groups in their Active Directories. In Windows Server 2003, an individual can change without forcing a group replication. The new Active Directory also supports forest trusts (one-way, two-way and transitive) for Windows Server 2003 forests. The use of these trusts should make it easier for business partners to share and maintain directory data (
see screen). Henry Baltazar
Another UI improvement is the addition of drag-and-drop functionality for quickly moving objects within a domain.