Introduction to Active Directory Directory Services

Presentation transcript:

Introduction to Active Directory Directory Services
- Uniquely identify users and resources on a network
- Provide a single point of network management

What Are Active Directory Directory Services?
- The directory service included with Microsoft Windows 2000 Server products
- A directory service is a network service.
- A directory service identifies all resources on a network.
- A directory service makes all resources available.

What Are Active Directory Directory Services? (continued)
- Active Directory directory services include the Directory.
- The Directory stores information about network resources.
- Resources stored in the Directory are referred to as objects.

Simplified Administration
- Active Directory directory services organize resources hierarchically in domains.
- A domain is a logical grouping of servers and other network resources under a single domain name.
- A domain is the basic unit of replication and security.
- A domain includes at least one domain controller.

Simplified Administration (continued)
- Active Directory directory services provide
  - A single point of administration for all objects on the network
  - A single point of logon for all network resources

Scalability
- The Directory stores information by organizing itself into sections that permit storage for a huge number of objects.
- The Directory can expand to meet the needs of
  - Small installations with one server and a few hundred objects.
  - Huge installations with hundreds of servers and millions of objects.

Open Standards Support
- Active Directory directory services
  - Integrate the Internet concepts of a namespace with the Windows 2000 directory service
  - Allow you to unify and manage multiple namespaces
  - Use DNS for its name system
  - Exchange information with any application or directory that uses LDAP or HTTP

Domain Name System
- DNS is the domain naming and locator service for Active Directory.
- Windows 2000 domain names are also DNS names.
- Windows 2000 Server uses dynamic DNS (DDNS).
- Clients can update the DNS table dynamically.
- DDNS eliminates the need for other naming services.

Support for LDAP and HTTP
- LDAP is an Internet standard for accessing directory services.
- HTTP is the standard protocol for displaying pages on the World Wide Web.
- You can display every object in Active Directory as an HTML page in a Web browser.

Support for Standard Name Formats
- RFC 822: somename@domain.com
- HTTP URL: http://domain/path-to-page
- UNC: \\microsoft.com\xl\budget.xls
- LDAP URL: LDAP://someserver.microsoft.com/CN=FirstnameLastname,OU=sys,OU=product,OU=division,DC=devel

Logical Structure
- The logical structure is separate from the physical structure.
- Organize resources in a logical structure.
- Find a resource by its name rather than its physical location.
- The network’s physical structure is transparent to the users.

Objects

Organizational Units

Domain
- The domain is the core unit of logical structure.
- All network objects exist within a domain.
- A domain stores information about only the objects that it contains.
- A practical limit to the number of objects in a domain is 1 million.

A Domain Is a Security Boundary
- Access to domain objects is controlled by ACLs.
- ACLs contain the permission associated with objects.
- ACLs control which users can gain access to an object.
- ACLs control which type of access users can gain to the objects.
- Security policies and settings do not cross from one domain to another.
- A domain administrator has absolute rights to set policies only within that domain.

Tree
- A tree is a grouping of one or more Windows 2000 domains.
- All domains within a single tree share a contiguous namespace.
- The domain name of a child domain is the relative name of that child domain appended with the name of the parent domain.
- All domains within a single tree share a common schema.
- All domains within a single tree share a common global catalog.

Forest
- A forest is a grouping of one or more domain trees.
- The trees in a forest form a disjointed namespace.
- All trees in a forest share a common schema.
- Trees in a forest have different naming structures.
- All domains in a forest share a common global catalog.
- Domains in a forest operate independently.

Sites
- The physical structure is based on sites.
- A site is a combination of one or more IP subnets.
- Typically a site has the same boundaries as a LAN.
- Sites are not part of the logical namespace.
- Sites contain computer objects and connection objects.

Replication Within a Site
- The Active Directory directory services include a replication feature.
- Replication ensures that changes to a domain controller are reflected by all domain controllers within a domain.

Functions of Domain Controllers in a Domain
- Store a complete copy of all Active Directory information
- Replicate all objects in the domain to each other automatically
- Replicate certain important updates immediately
- Use multimaster replication
- Provide fault tolerance
- Manage all aspects of user domain interactions

Ring Topology for Replication

Schema
- Contains a formal definition of the contents and structure of Active Directory directory services
- Defines attributes for each object class

Default Schema
- Created by installing Active Directory on first computer in a new forest
- Contains definitions of commonly used objects and properties
- Contains definitions of objects and properties used by Active Directory

Extensible Schema
- You can define new directory object types and attributes.
- You can define new attributes for existing objects.
- You can extend the schema
  - By using LDAP Data Interchange Format (LDIF) scripts.
  - Programmatically or by using the Active Directory Services Interface (ADSI).
  - By using the Active Directory Schema snap-in.
- The schema is stored in the global catalog and can be updated dynamically.

Global Catalog

Global Catalog Servers
- Installing Active Directory on the first computer in a new forest makes that domain controller a global catalog server.
- The Active Directory Sites and Services snap-in allows you to designate additional global catalog servers.
- More global catalog servers means more replication traffic.
- More global catalog servers can provide quicker responses.
- Every major site should have a global catalog server.

Namespace

Naming Conventions
- Every object in Active Directory is identified by a name.
- Active Directory uses a variety of naming conventions.

Distinguished Name
- Every object has a distinguished name (DN).
- The DN uniquely identifies the object.
- The DN contains sufficient information for a client to retrieve the object.
- The DN includes the name of the domain that holds the object.
- The DN includes the complete path to the object.

Relative Distinguished Name

Globally Unique Identifier
- A globally unique identifier (GUID) is a 128-bit number that is guaranteed to be unique.
- GUIDs are assigned when the object is created.
- The GUID for an object never changes.
- Applications use GUIDs to retrieve objects regardless of current DNs.

User Principal Name
- User accounts have a friendly name, the user principal name (UPN).
- The UPN is composed of the shorthand name for the user account and the DNS name of the tree where the user account object resides.
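
The naming rules from the Distinguished Name, Relative Distinguished Name and Tree slides, as an added Python example that is not part of the original presentation: it parses a DN into its components, derives the holding domain's DNS name from the DC components, and checks the contiguous-namespace rule for child domains. PAGE_DN is the DN from the Standard Name Formats slide; TRICKY_DN, the domain names used with in_same_tree and all function names are constructed for illustration.

```python
import re

PAGE_DN = "CN=FirstnameLastname,OU=sys,OU=product,OU=division,DC=devel"  # from the slide
# Constructed sample: the CN value itself contains an escaped comma and "OU=".
TRICKY_DN = r"CN=tmp\,OU=Admins,OU=Staff,DC=corp,DC=example"

def split_dn(dn):
    """Split on unescaped commas only; a backslash escape pair is kept intact."""
    return [p.lstrip() for p in re.findall(r"(?:\\.|[^,\\])+", dn)]

def unescape(value):
    """Decode \\<char> and ASCII \\XX hex escapes in one left-to-right pass."""
    def repl(m):
        g = m.group(1)
        return chr(int(g, 16)) if len(g) == 2 else g
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def parse_dn(dn):
    """Return [(TYPE, value), ...]; the first pair is the object's RDN."""
    pairs = []
    for rdn in split_dn(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((attr.strip().upper(), unescape(value)))
    return pairs

def dns_domain(dn):
    """Join the DC components into the DNS name of the domain holding the object."""
    return ".".join(v for t, v in parse_dn(dn) if t == "DC")

def containers(dn):
    """OUs that are really on the object's path (not text inside a value)."""
    return [v for t, v in parse_dn(dn)[1:] if t == "OU"]

def in_same_tree(domain, tree_root):
    """Contiguous namespace: a child name is its relative name + '.' + parent name."""
    d, r = domain.lower().rstrip("."), tree_root.lower().rstrip(".")
    return d == r or d.endswith("." + r)

if __name__ == "__main__":
    for dn in (PAGE_DN, TRICKY_DN):
        print(parse_dn(dn)[0], containers(dn), dns_domain(dn))
```

A plain `dn.split(",")` on TRICKY_DN yields a spurious `OU=Admins` component, which is why scripts that filter or authorize by OU should parse the DN rather than split or substring-match it.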