
1 Module 12: Designing an AD LDS Implementation

2 AD LDS Usage

AD LDS is most commonly used as a solution to the following requirements:
- Providing an LDAP-based application directory
- Providing an extranet authentication store
- Consolidating identity systems
- Providing a schema development environment for AD DS
- Providing a configuration store for distributed applications in Windows Server
- Migrating legacy directory-enabled applications

3 Extranet Authentication Scenarios

AD LDS can be used as an extranet authentication service in the following scenarios:
- Hosting user objects that are not Windows security principals
- Using AD LDS as the authentication store with corporate account credentials provisioned on the instance
- Deploying AD LDS as an extranet authentication store for AD FS

4 Lesson 2: Overview of an AD LDS Implementation Design

- Key Sizing Factors for AD LDS Servers
- AD LDS Replication Scenarios
- Integration of AD LDS with AD DS

5 Key Sizing Factors for AD LDS Servers

When determining the size of your AD LDS implementation, follow these guidelines:
- If server performance is less important than the number of deployed servers, consider deploying multiple instances on one computer
- For best performance, deploy instances on separate computers
- Use x64 hardware and operating system
- Allocate sufficient CPU power for processing queries
- Allocate enough memory to cache the entire database

6 AD LDS Replication Scenarios

Key points for AD LDS replication:
- AD LDS instances replicate data based on participation in a configuration set (CS)
- AD LDS replicates on an independent schedule from AD DS
- AD LDS instances in a CS can replicate any number of application directory partitions
- Directory partitions cannot be replicated between AD LDS instances and AD DS domain controllers

Use AD LDS replication in the following scenarios:
- Providing load balancing
- Providing fault tolerance for AD LDS data
- Spanning multiple geographical locations

7 Integration of AD LDS with AD DS

To integrate AD LDS with AD DS, follow these guidelines:
- Use AD DS groups to assign permissions in AD DS whenever possible
- Ensure that AD LDS users with AD DS accounts can be authenticated against an AD DS domain controller
- Implement synchronization between AD DS and AD LDS to simplify management
- Use user proxy objects
- Synchronize data from an AD DS forest to a CS of an AD LDS instance with Adamsync.exe

8 Lesson 3: Designing AD LDS Schema and Replication

- Replication of AD LDS Data
- Planning AD LDS Replication Traffic across WAN Links
- AD LDS Sites and Site Links
- Guidelines for Designing AD LDS Schema and Replication

9 Replication of AD LDS Data

AD LDS uses multimaster replication:
- All instances are writable
- Changes on one instance are replicated to the other instances
- AD LDS servers replicate changes to all servers

[Diagram: Server 1, Server 2 and Server 3. Client adds “User 2” on Server 1. Client modifies “User 1” display name on Server 2.]

10 Authentication and Authorization in AD LDS

You can bind to an AD LDS instance:
- As an AD LDS security principal
- As a Windows security principal
- Through an AD LDS proxy object

You can view, grant, and deny access control on an object-by-object basis by using:
- Dsacls
- LDP.exe

