Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing Active Directory Domain Services

Published byJune Robbins Modified over 5 years ago

Similar presentations

Presentation on theme: "Implementing Active Directory Domain Services"— Presentation transcript:

1 Implementing Active Directory Domain Services

2 Module Overview Introducing AD DS Implementing AD DS
Managing Users, Groups, and Computers Implementing Organizational Units Implementing Group Policy

3 Introducing AD DS The AD DS Forest The AD DS Schema What Is a Domain?
AD DS Trees Organizational Units Trust Relationships

4 The AD DS Forest Domain Trust Forest contoso.com tailspintoys.com
corp.contoso.com test.contoso.com orders.tailspintoys.com clients.tailspintoys.com Forest

5 The schema is the framework of which AD DS is composed
The AD DS Schema The schema is the framework of which AD DS is composed Example class objects include: Organizational units Users Computers Example attributes include: Description User name Computer location

6 A domain is created when you promote a server to a
What Is a Domain? A domain is created when you promote a server to a domain controller A domain is: An administrative boundary A replication boundary An authentication boundary

7 Implementing AD DS What Is a Domain Controller?
What Is a Read-Only Domain Controller? AD DS Sites AD DS Replication Configuring DNS for AD DS

8 What Is a Domain Controller?
Domain controllers : Provide authentication Host operations master roles Host the global catalog Support group policies and SYSVOL Provide for replication

9 What Is a Read-Only Domain Controller?
RODCs host read-only partitions of the AD DS database, only accept replicated changes to AD DS, and never initiate replication RODC RODCs provide: Additional security for branch office with limited physical security Additional security if applications must run on a domain controller RODCs: Cannot hold operations master roles or be configured as replication bridgehead servers Can be deployed on servers running Windows Server 2008 R2 Server core for additional security

10 AD DS Sites Bellevue Seattle Redmond

11 Configuring DNS for AD DS
Considerations: You can install DNS as part of the domain controller deployment process You can integrate the DNS zone into AD DS Use secure dynamic updates for your DNS zone Use multiple DNS servers to provide for high availability and load balancing SRV records enable the location of AD DS and other services

12 Managing Users, Groups, and Computers
What Are User Accounts? What Are Groups? Nesting Groups Default Built-In Groups Computer Accounts Account Management Best Practices

13 What Are User Accounts? ü ü ü
A user account is an object that contains all of the information that defines a user in Windows Server 2008 R2 With a user account, you can: Allow or deny users to log on based on their identity ü Grant users access to processes and services ü Manage users' access to resources ü

14 What Are Groups? A group is a collection of user accounts, computer accounts, contacts, and other groups that you can manage as a single unit Two main types of groups: Security Distribution Three scopes of groups: Domain local Global Universal

15 Default Built-In Groups
You can use the built-in groups to simplify administration

16 Computer Accounts The most commonly used properties for computer accounts in AD DS are the Location and Managed By properties

17 Implementing Organizational Units
Why Use Organizational Units?

18 Why Use Organizational Units?
Organizational units in a domain An OU is a container within a domain Computer Account User Account You can deploy your OUs into a hierarchical structure based on geography, department, resources, management requirements, or a combination of all of these

19 Implementing Group Policy
What Is a GPO? Applying GPOs Creating and Managing GPOs Policies and Preferences

20 What Is a GPO? Group Policy enables IT administrators to automate one-to-many management of users and computers Use Group Policy to: Apply standard configurations Deploy software Enforce security settings Enforce a consistent desktop environment Local Group Policy is always in effect for local and domain users and local computer settings

21 Applying GPOs Computer starts User logs on Computer settings applied
Refresh Interval: Every 90 minutes Computer settings applied Startup scripts run User logs on Refresh Interval: Every 90 minutes User settings applied Logon scripts run

22 Creating and Managing GPOs
You can use a number of tools to create and manage GPOs, including the Group Policy Management Console

23 Summary Introducing AD DS Implementing AD DS
Managing Users, Groups, and Computers Implementing Organizational Units Implementing Group Policy

Download ppt "Implementing Active Directory Domain Services"

Similar presentations

Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Chapter 6 Introducing Active Directory

Chapter 6 Introducing Active Directory
Introduction to Active Directory

Introduction to Active Directory
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 4 Introduction to Active Directory and Account Management

Chapter 4 Introduction to Active Directory and Account Management
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory

Understanding Active Directory
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Vikram Thakur Introduction to Active Directory Structure.

Vikram Thakur Introduction to Active Directory Structure.
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS

ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
Module 1: Installing Active Directory Domain Services

Module 1: Installing Active Directory Domain Services
Module 1: Installing Active Directory Domain Services

Module 1: Installing Active Directory Domain Services
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
Overview of Active Directory Domain Services Lesson 1.

Overview of Active Directory Domain Services Lesson 1.
(ITI310) SESSIONS 9-10-11-12: Active Directory By Eng. BASSEM ALSAID.

(ITI310) SESSIONS : Active Directory By Eng. BASSEM ALSAID.
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

Similar presentations

Ads by Google