The solution offers the following scripts to speed deployment of your centralized management platform. The scripts secure the recommended OU structure and can help you migrate existing users and servers to Active Directory.
Note: |
---|
If you plan to use MPS (Microsoft Provisioning System) to manage users and customers in Active Directory, you can skip these steps. The InitializaADforHosting procedure in MPS will configure the security in Active Directory. |
In the sections that follow, you can chose to run the individual scripts, or perform equivalent manual steps. The following table shows the scripts provided for centralized management.
Table: Scripts to Automate OU Creation and Security Tasks
File name | Function | Requirements | Location |
---|---|---|---|
SecureAD.vbs |
Secure Active Directory |
Domain controllers and OU hierarchy must have been configured |
\Centralized Management\Config Scripts |
Migratetocm.wsf |
Migrates users and servers to the Active Directory OU hierarchy |
Microsoft Provisioning Framework (MPF) on the computer on which you run Migratetocm.wsf |
\Centralized Management\Config Scripts |
Use SecureAD.vbs to Secure Active Directory
SecureAD.vbs enables you to perform the following tasks automatically, by running the scripted procedures in sequence:
- Secure Active Directory
- Set Active Directory to List Object mode
- Secure the Pre-Windows 2000 Compatible Access group
- Configure the Service Accounts and Domain Computers
groups
- Set Active Directory to List Object mode
Before you run this script you should have you domain controllers in place, and you should have configured your OU hierarchy. Before you proceed, make sure you have reviewed the prerequisite steps to configure the server OU hierarchy.
Procedure CM.1: To use SecureAD.vbs to automatically secure Active Directory
-
Log on to AD01 using an account that is a member of the domain administrators group.
-
Copy the SecureAD.vbs script from the \Centralized Management\Config Scripts directory on the solution CD to a local directory on AD01.
-
Run the script and provide OU name as a parameter, as follows: secureAD.vbs /OU:Hosting
Once you have successfully run SecureAD.vbs, the next task is to configure external DNS servers.