Presentation is loading. Please wait.

Presentation is loading. Please wait.

Exploring Directory Services. Need for DS Multiple servers, multiple services in single network –Multiple servers for reliability, security, optimizing.

Published byGeorgiana Ray Modified over 8 years ago

Similar presentations

Presentation on theme: "Exploring Directory Services. Need for DS Multiple servers, multiple services in single network –Multiple servers for reliability, security, optimizing."— Presentation transcript:

1 Exploring Directory Services

2 Need for DS Multiple servers, multiple services in single network –Multiple servers for reliability, security, optimizing cpu usage –Impossible to handle separate administration on each server for all users. DS brings organization to this clutter –All network information stored in the directory Printers, folders, users, groups, servers –Eliminates duplicating information on different servers No need to maintain separate user list on all servers Single directory service with single set of users –Assign rights/privileges using directory

3 More on DS Five Important DS: NDS: (runs on Netware 4.x or higher) –Popular for the longest time –Provides single directory for managing multivendor network (edirectory) ADS: (Windows 2003 servers) Windows NT Domain: –Not a full DS. Provides some features X.500 Directory Access Protocol (DAP): –International standard directory –Provides too many feature to be used –Deployment and management is difficult LDAP: –Subset of X.500 –NDS and ADS

4 Directory Structure (inverted) Tree-based organization Consists of three major types of objects: –Root Represents the beginning of the tree –Containers. Can hold other containers or objects Three types –Country: uses valid two-digit country code. C= –Organization: must have atleast one O= –Organizational Unit: OU= –Leaf. Represent the actual resource on the network Entities such as printers, folders, users Cannot contain other objects All objects on the tree has attributes/properties

5 DS management: Replication: No directory -> no network. –Two approaches: Primary/backup model –Backups can be promoted in the absence of primary Multimaster model –All servers are peers to one another Partition: –Different servers keep different parts of the directory

6 DS management: Replicating: Duplicate DS database for redundancy. Improved performance: by reducing time to authenticate Fault Tolerance : authenticating when master server is down Reliability : by maintaining a separate copy. Synchronization & communication time overhead (-) –DS distributed over WAN. Handling concurrent changes: –NDS: uses time stamps –ADS: uses sequence numbers

7 ..DS management: Partitioning: –Reduce overhead of sync-ing entire DS. –Dividing the DS database, so that only part of the entire DS is replicated. Each LAN holding host its own partition and can still access the entire tree. Improved WAN performance –Typically not necessary for smaller networks on same LAN. –Windows 2003 Global catalog: controlling directory server managing the entire tree.

8 Tree Models Single-site Networks –Multiple servers on a single LAN Multisite, geographically designed trees –OU = regional offices, branch office within region –Easier to share resources on a regional basis Multisite, function-based networks –Containers represent functional areas –resource sharing within regions becomes difficult. –Failure could affect other OU ’ s. Multisite, Star-configured Networks. –Network partitioned into satellite units. –Partitions replicated to central site. –synchronized from central to other site. –Heavy dependence on central site

9 DS Trees Defining factors –cost and efficiency of the WAN links –amount of DS information to be transferred over the links. DS Challenge: –Using a single DS to handle multiple NOS on the same network.

10 Useful tips to plan a tree Place users & resource they use in close proximity. Use aliases, roles, groups, profiles avoid excessive sub-categorization “ rights flow down ” - eases administration. Impact of partition & replication on n/w performance.

11 Novell Directory Service –Uses the Master/Slave model –Easily handles hundreds of servers and millions of users. –Can manage other NOS like windows 2k, Unix, linux –Tree can be managed from workstations using graphical or text-based tools (NetAdmin). –Console1 – latest java based management tool.

12 Active Directory Service Runs on windows 2000/2003/2008 Fully compatible with LDAP v.2 and v.3 Tightly integrated with DNS Multimaster model –All domain controllers are full participants Allows Forests –Group of trees –Each tree has its own domain and domain controllers No more trust-relationships Two modes –mixed (compatibility with NT servers) –Native mode (all 2000 based systems)

13 Windows NT Domain Breaks an organization into chunks called domains Controlled by PDC and BDC ’ s. –BDC can be promoted or demoted Four possible models –Single-domain model –Master domain model –Multiple master domain model –Complete trust model Trust becomes very difficult to manage in case of large numbers of domains

14 X.500 Developed by ITU and OSI A standard that can be used by the entire internet. Complex and extensive functionalities CN=foo, OU=Engg, OU= EastCoast, O=info, C= USA

15 LDAP Developed by a consortium of companies Subset of X.500 –Fewer fields and functions that X.500 Four basic models: –Information Model Defines the structure of data stored in directory –Naming Model Defines how to reference and organize the data –Functional Model Defines how to work with the data –Security Model Defines how to secure the data

Download ppt "Exploring Directory Services. Need for DS Multiple servers, multiple services in single network –Multiple servers for reliability, security, optimizing."

Similar presentations

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Chapter 6 Introducing Active Directory

Chapter 6 Introducing Active Directory
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
Introduction to Active Directory

Introduction to Active Directory
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.
Active Directory Lecture 3 – Domain Services Primer.

Active Directory Lecture 3 – Domain Services Primer.
Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
(ITI310) SESSIONS 9-10-11-12: Active Directory By Eng. BASSEM ALSAID.

(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.
BZUPAGES.COM An Introduction to. BZUPAGES.COM Introduction Large corporations today face the following problems Finding a certain file. Seeing everything.

BZUPAGES.COM An Introduction to. BZUPAGES.COM Introduction Large corporations today face the following problems Finding a certain file. Seeing everything.

Similar presentations

Ads by Google