Presentation is loading. Please wait.

Presentation is loading. Please wait.

This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

Published byAndra Scott Modified over 8 years ago

Similar presentations

Presentation on theme: "This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to."— Presentation transcript:

1 This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to accompany the courseware may be copied, photocopied, reproduced, or re-used in any form or by any means without permission in writing from a director of gtslearning International Limited. Violation of these laws will lead to prosecution. All trademarks, service marks, products, or services are trademarks or registered trademarks of their respective holders and are acknowledged by the publisher. All gtslearning products are supplied on the basis of a single copy of a course per student. Additional resources that may be made available from gtslearning may only be used in conjunction with courses sold by gtslearning. No material changes to these resources are permitted without express written permission by a director of gtslearning. These resources may not be used in conjunction with content from any other supplier. If you suspect that this course has been copied or distributed illegally, please telephone or email gtslearning. 3.4 Directory Services CompTIA Server+ Certification (Exam SK0-004)

2 Objectives Understand the structure of an X.500 directory and the use of LDAP and Active Directory Manage user and group accounts on Windows and Linux servers 3.4 Directory Services 220

3 Owner-based access control model (discretionary) User accounts protected by credentials Resources protected by Access Control Lists (ACL) Owner / system administrator grants privileges / permissions to accounts Configuring Directory Services 3.4 Directory Services 220

4 Lightweight Directory Access Protocol (LDAP) Objects and attributes X.500 directory standard LDAP is a standard means of querying and updating objects and attributes Port 389 (TCP and UDP) / port 363 (LDAP- Secure) Port 3268 for Windows Active Directory Global Catalog queries LDAP 3.4 Directory Services 220

5 Distinguished Names 3.4 Directory Services 221

6 Directory Information Tree 3.4 Directory Services 222

7 Active Directory Domain Controller (DC) Domains Trees and Forests Organizational Units (OU) Sites Member Server Joining a domain 3.4 Directory Services 222

8 User name Credentials Profile Logon script Security ID (SID) Managing Users 3.4 Directory Services 225

9 Administrative Accounts Administrator / root account Generic account prohibition User Access Control (UAC) Assigning system privileges 3.4 Directory Services 225

10 Windows Account Management Domain Admins and Account Operators Active Directory Users and Computers Local Users and Groups 3.4 Directory Services 227

11 Linux Account Management Configuration files o /etc/passwd o /etc/group o /etc/shadow useradd, usermod, userdel su sudo passwd 3.4 Directory Services 228

12 Allocate permissions to a group account then add users to group accounts as needed Easier to manage than allocating permissions directly to user accounts Active Directory group types o Domain Local o Global o Universal Groups o AGDLP (Accounts go into Global groups, which go into Domain Local groups, which get Permissions) (Computer) local groups Security versus distribution groups Managing Group Accounts 3.4 Directory Services 229

13 Users, Administrators, Domain Admins, Account Operators, Backup Operators... Everyone group Guests group System groups o Interactive – any local user of the computer o Network – any user connected over the network o System – the Windows operating system o Creator/owner – the user who created the directory or print job Built-in Groups 3.4 Directory Services 231

14 Creating Group Accounts AD versus local Member Of tab in User properties Naming conventions Linux group accounts o groupadd, groupmod, groupdel o Effective group ID o newgrp 3.4 Directory Services 231

15 Group Policy 3.4 Directory Services 233

16 Logon Scripts 3.4 Directory Services 234

17 Role-based Access Control (RBAC) Differs from owner-based Discretionary Access Control (DAC) Assignment of role / permissions is system- determined rather than owner-determined Difficult to implement properly in most commercial OS o AGDLP is role-based approached but can be overridden by an administrator taking ownership and changing permissions Role-based Access Control 3.4 Directory Services 235

18 Review Understand the structure of an X.500 directory and the use of LDAP and Active Directory Manage user and group accounts on Windows and Linux servers 3.4 Directory Services 236

19 Labs Lab 7 / Configuring Directory Services 3.4 Directory Services

Download ppt "This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to."

Similar presentations

Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
MOAC : Installing and Configuring Windows Server 2012

MOAC : Installing and Configuring Windows Server 2012
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
1 CSIT 320. Just as the combination of a database and a database management system collects and organizes information about an institution/company/… as.

1 CSIT 320. Just as the combination of a database and a database management system collects and organizes information about an institution/company/… as.
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
Chapter 7 Managing OUs and Active Directory Accounts

Chapter 7 Managing OUs and Active Directory Accounts
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.

Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

This courseware is copyrighted © 2011 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

Similar presentations

Ads by Google