2.  Identify Active Directory functions and Benefits.  Identify the major components that make up an Active Directory structure.  Identify how DNS relates to Active Directory.  Identify Forest and Domain Functional Levels.

3.  A network service that identifies all resources on a network and makes those resources accessible to users and applications.  The most common directory service standards are:  X.500  Lightweight Directory Access Protocol (LDAP)

4.  Uses a hierarchical approach in which objects are organized in a similar way to the files and folders on a hard drive.

5.  Industry standard.  Slim-down version of X.500 modified to run over the TCP/IP network.

6.  A directory service that uses the “tree” concept for managing resources on a Windows network.  Stores information about the network resources and services, such as user data, printer, servers, databases, groups, computers, and security policies.  Identifies all resources on a network and makes them accessible to users and applications.

7.  Used in:  Windows 2000  Windows Server 2003  Windows Server 2008  Subsequent versions of Active Directory have introduced new functionality and security features.

8.  Windows Server 2008 provides two directory services:  Active Directory Domain Services (AD DS)  Active Directory Lightweight Directory Services (AD LDS)

9.  Provides the full-fledged directory service that is referred to as Active Directory in Windows Server 2008 and previous versions of Windows Server.

10.  Server that stores the Active Directory database and authenticates users with the network during logon.  Stores database information in a file called ntds.dit.  Active Directory is a multimaster database.  Information is automatically replicated between multiple domain controllers.

11.  Centralized resource and security administration.  Single logon for access to global resources.  Fault tolerance and redundancy.  Simplified resource location.

12.  Active Directory provides a single point from which administrators can manage network resources and their associates’ security objects:  MMC Consoles found in Administrator Tools:  Active Directory Users and Computers  Active Directory Sites and Services  Active Directory Domains and Trusts  ADSI Edit

13.  Active Directory uses a multimaster domain controller design.  Changes made on one domain controller are replicated to all other domain controllers in the environment.  It is recommended to have two or more domain controllers for each domain.

14.  Introduced with Windows Server 2008.  A domain controller that contains a copy of the ntds.dit file that cannot be modified and that does not replicate its changes to other domain controllers with Active Directory.

15.  Allows file and print resources to be published within Active Directory.  Examples include:  Shared folders  Printers

16.  Forests – One or more domain trees, with each tree having its own unique name space.  Domain trees – One or more domains with contiguous name space.  Domains – A logical unit of computers and network resources that defines a security boundary.

17.  Some of these common attributes are as follows:  Unique name  Globally unique identifier (GUID)  Required object attributes  Optional object attributes

18.  Defines the objects stored within Active Directory the properties (attributes) associated within each object.  User has different properties, which has different properties than a group, which has different properties of a computer.

19.  Example:  cn=JSmith, ou=sales, dc=lucernepublishing, dc=com

20.  Provides name resolution for a TPC/IP network.  Active Directory requires DNS as the default name resolution method.  Example Resource Records (RR):  Host (A) – Host name to IP.  Pointer (PTR) – IP to Host name.  Service (SRV) – Locator service for LDAP/Domain controllers services.

21.  Allows interoperability with prior versions of Microsoft Windows.  Higher levels of functional level will not allow older versions of Windows to function but will add additional functionality or features.  Raising functional level is a one-way process.

24.  To raise the functional level of a forest, you must be logged on as a member of the Enterprise Admins group.  The functional level of a forest can be raised only on a server that holds the Schema Master role.

25.  Active Directory is a database of objects that are used to organize resources according to a logical plan.  These objects include containers such as domains and OUs in addition to resources such as users, computers, and printers.  The Active Directory schema includes definitions of all objects and attributes within a single forest.  Each forest maintains its own Active Directory schema.

26.  Active Directory requires DNS to support SRV records.  Microsoft recommends that DNS support dynamic updates.

27.  Domain and forest functional levels are features of Windows Server 2008.  The levels defined for each of these are based on the type of server operating systems that are required by the Active Directory design.  The Windows Server 2003 forest functional level is the highest functional level available and includes support for all Windows Server 2003 features.