Just a brief procedure to add an extra Domain Controller (more specific the first DC in a new site)
Install Windows Server 2003 with same version and service pack level as other DC’s
Install all Windows Update patches
Set static IP
Put server in domain
Continue reading Adding an additional Windows Server 2003 Domain Controller in the domain
Add a Group Policy in:
Computer Configuration, Windows Settings, Scripts (Startup/Shutdown) -> Startup and apply to the appropriate OU’s.
Add a batch file here with the following content (example):
NET LOCALGROUP Administrators /ADD “DOMAINNAME\Domain Admins”
NET LOCALGROUP Administrators /ADD “DOMAINNAME\Group_IT”
Now you can simply add the necessary users in “DOMAINNAME\Group_IT”, and they will have local administrator rights on the PC’s in the selected OU’s.
After clicking Active Directory Users and Computer -> View, Advanced Features extra tabs are available. For computers this is: Security and Object: handy if you want to find a computer, because this shows the Canonical name of the computer object.
Even more information will be available if you install Acctinfo.dll from the Windows 2003 Resource Kit. See here for more information.