Configuring the Active Directory Service

Active Directory is a key part of Windows 2000. It provides a wide variety of manageability, security, and interoperability features. The main administration tool is a snap-in called Active Directory Users and Computers.

Active Directory does not support the concept of roles. Therefore, you must simulate the Enterprise Manager roles in Active Directory using the concept of groups.

For detailed information about how to perform the following steps, see the documentation provided with Active Directory.

To Configure the Active Directory Service

1. Start the Active Directory Users and Computers administration tool.

2. Right-click the root node and select New > Organizational Unit.

   The New Object - Organization Unit dialog box appears.

3. In the Name field, enter a value (for example, EntMgrRoles).

4. Click OK.

5. Under the organizational unit, create the following groups:

   • Deployment

   • User Management

   • Read-Only Monitor

   • Controlling Monitor

   • JMS Read-Only Monitor

   • JMS Read-Write Monitor

   • Manager

   After you add the groups, they appear under the organizational unit.

6. Add the admin user and the Administrator user as members of all the groups that you created by double-clicking each group and selecting admin and Administrator from the dialog box.

7. Go to Configuring the Enterprise Manager Server.