General discussion


Newbie to win2000 server

By Mick@work ·

i'm a networking person & new to servers but i'm setting up a pdc on win 2000 for a small company of 30 - 40 users and have a few questions

i have set up the server on a medium sized PC with test user and pc accounts & can get logged on ok - my queries

1. is the mmc the only free tool available with
win2000 to administer the domain?

2. i'm giving users different levels of power on
the domain, i know the domain admin can do all
but i want to create a group with medium
powers, i.e. add new machines, configure pcs,
and one with little or no power - what goups
can i use?

3. dhcp/external dns is supplied by a broadband
connection to the telco so i have the server
as a dhcp client and the server configuration
added dns server - are there any other
services i need to disable for security

4. i want a user to have a console to add users
etc - is mmc the only free option?

thanks to anyone taking the time and effort to answer my queries

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to Newbie to win2000 server

Multiple answers to your questions here, so I will start in order:

1) No, but most of the others will call the various MMCs and some operations can only be run from the MMC. So you will be using tem a great deal.

2) To add users to a domain, you should use the built-in security group Account Operators. For allowing a group to configure workstations, I would say to creat a security group and assign that security group to the administrators group on the PC's that should be managed.

An overview of default Windows 2000 security groups can be found here:

3) The Windows 2000 Security recommendations are a very well accepted standard. These templates, explanations and instructions on use can be found here:

In addition, to prevent issues with your domain controller, I would recommend that clients point to your DC for DNS and you have a root hint forwarder from the DC to your ISP's DNS server.

4) You should use the Users and Computers MMC.

I would recommend that you attend some Microsoft training seminars, join a MCSE study group, use VMWare to create an AD environment that you can test and **** up (blowing it all the heck is still the best way to learn what NOT to do in the real world) and purchase some of the TR and O'Reilly Windows 2000 guides.

Collapse -

by Mick@work In reply to

Poster rated this answer.

Collapse -

by Mick@work In reply to Newbie to win2000 server

This question was closed by the author

Related Discussions

Related Forums