Preparing a Locked Down Active Directory Domain Services (2007 R2 Beta)
[This is preliminary documentation and is subject to change. Blank topics are included as placeholders.]
Organizations often lock down Active Directory Domain Services (AD DS) to help mitigate security risks. However, a locked down Active Directory environment can limit the permissions that Office Communications Server requires. Properly preparing a locked down Active Directory environment for Office Communications Server involves some additional considerations and steps.
Two common ways permissions are limited in a locked down Active Directory environment are as follows:
- Authenticated user access control entries (ACEs) are removed from containers.
- Permissions inheritance is disabled on containers of User, Contact, InetOrgPerson, or Computer objects.
See Also
Tasks
Authenticated User Permissions Are Removed
Permissions Inheritance Is Disabled on Computers, Users, or InetOrgPerson Containers