Windows AD for Dummies

Anyone recommend a good book for Windows AD stuff? I find I may need to know a bit more, but here’s the special reasons:

I am not, nor to I intend to become, an AD admin. I have some standards. :slight_smile: However, I do run an annoyingly complex DDI (DNS, DHCP, IPAM) system and it integrates with AD in several interesting ways… So I need to know more about AD terminology and such.

Any suggestions?

1 Like

Suicide is a viable alternative to managing AD.

Good news for me is I just have to talk to the people that do!

I feel it is the moral choice to be understanding and offer counseling.

I can’t say that I know of any quick type books. I teach AD, and I’m pretty familiar with it, though, so maybe I can answer any specific questions you might have.

1 Like

“What is it, and how does it work?”

More useful, I guess my focus is how it interacts with DNS and DHCP. We found an issue yesterday where no one knew we needed to add AD servers to an Access List that lets them update a DNS zone, which has been causing issues.

I’m used to Active Directory being where I control both DHCP and DNS. DNS is a pain to deal with once you start dealing with forward and reverse lookup zones. If you have a forward lookup zone, you need to have a matching reverse lookup zone. When you create a forward/reverse lookup zone, you will need to add an A or AAAA record for the DNS server on the network that you are looking to. An A record is the IP v4 address, the AAAA record is the IP v6 address.

My company basically hands off DNS/DHCP to the Network Team, so that’s devolved to me. :slight_smile: And the hand-off from the guy that set it up was… brief. The basics I get: We use Infoblox which costs a large fortune but handles ‘DDI’ with tons of features. (DDI: DNS, DHCP, IPAM; IPAM: IP Address Management, I.E. replacing the Spreadsheet of IP Addresses most orgs have.) IB makes reverse zones easy and automates a few things that can be interesting. (For example, with IB you generally don’t make raw A records and PTR record, but use a Host record that is a combo of the two so the whole thing gets deleted at one time.

The issue I’m dealing with is AD seems to want to manage all these weird _ldap* SRV records that do various things. And I’m getting asked weird questions about them.

Looking at books: There is an Active Directory for Dummies book, but it looks outdated. O’reilly has a book on AD, but it looks outdated and is out of print. Packt has one, but not sure if there’s any value to it.

I might order the O’reilly one, as the local used book shop has copies for around $5.It’s 2012, but hopefully the basics apply. I’m just looking to be able to talk to my coworkers like I know what’s going on.

1 Like

If it’s for 2012, you should be fine.

1 Like

It’s worth a shot… $5 is not a huge investment, after all.

I also somehow missed that O’Reilly seems to be edging out of book publishing. It looks like they’re still doing some, but it’s definitely secondary to pushing training. Kind of a shame: some of their books are basically the gold standard for reference books for various IT topics.

1 Like

Dangit. Just realized the copy I got only covers through 2003.

So, yes, bought a second used copy, but now paying about 4x as much for the 5th edition vs. the first edition. Still cheaper than new for something I don’t know I’ll use that much.

1 Like