Configuring the Active Directory Service

Active Directory is a key part of Windows 2003. It provides a wide variety of manageability, security, and interoperability features. The main administration tool is a snap-in called Active Directory Users and Computers.

Active Directory does not support the concept of roles. Therefore, you must simulate the Java CAPS roles in Active Directory using the concept of groups.

Rather than creating the groups within the Users directory, you create the groups in a new organizational unit called CAPSRoles.

For detailed information about how to perform the following steps, see the documentation provided with Active Directory.

To Configure the Active Directory Service

1. Start the Active Directory Users and Computers administration tool.

2. Right-click the root node and select New > Organizational Unit.

   The New Object - Organization Unit dialog box appears.

3. In the Name field, enter a value (for example, CAPSRoles).

4. Click OK.

5. Under the organizational unit, create the following groups: all, administration, and management. To create a group, you right-click the organizational unit and select New > Group. Use the default values for Group scope and Group type.

   After you add the groups, they appear under the organizational unit.

6. Add the admin user and the Administrator user as members of all the groups that you created by double-clicking each group and selecting admin and Administrator from the dialog box.

7. Go to Configuring the Repository.