Windows Server 2003 Active Directory: Perspective

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Windows Server 2003 Active Directory: Perspective"

Transcription

1 Mary I. Hubley, MaryAnn Richardson Technology Overview 25 September 2003 Windows Server 2003 Active Directory: Perspective Summary The Windows Server 2003 Active Directory lies at the core of the Windows Server 2003 network infrastructure, providing authentication and authorization services, central administration and information sharing. Table of Contents Technology Basics Technology Analysis Business Use Benefits and Risks Standards Technology Leaders Technology Alternatives Insight List Of Tables Table 1: Windows Server 2003 Active Directory Standards Support Gartner Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

2 Technology Basics Active Directory (AD) is the directory service in the Standard, Enterprise and Datacenter versions of the Windows Server 2003 family. (While Windows Web Server 2003 can participate in a directory service, it cannot operate one.) AD gives Windows administrators the ability to centrally organize, manage and control access to all network resources, including desktops and applications, as well as to monitor and manage network devices. It not only stores information about network resources but also provides a consistent way to name, describe, locate, manage and secure this information as it applies to both users and applications. Active Directory consists of both logical and physical components. Each must be taken into consideration when designing the network infrastructure. AD s logical components organize network resources to match the organizational structure. AD s physical components configure and control where and when data replication and login traffic can occur over the network. Active Directory s Logical Structure The basic logical component in AD is the domain, defined by the administrator as a collection of computers that share a common directory database, security policies and security relationships. For example, an organization can set up a separate domain for each department or region. Domains, in turn, can be partitioned into Organizational Units (OUs). An OU is a collection of users and computers that have been given certain administrative rights. Instead of having one person administer an entire domain, AD let s you delegate specific administrative tasks over organizational units. For example, under the domain headquarters you can create an OU named HR that contains all user accounts and computer objects for that department. Then, you can delegate the responsibility for maintaining passwords to someone in that department. If necessary, you can also delegate the authority to create, delete or manage user accounts or groups within the OU, Multiple domains can be organized into trees. A tree is a hierarchical arrangement of domains that have the same Domain Name System (DNS) name. When a domain is added to an existing tree, the new domain becomes a child domain of the parent domain. The name of the child domain is combined with the DNS name of the parent to form the child s DNS name. Trees can be grouped into forests. A forest is a group of trees that do not share a common DNS name but do share a common configuration and schema an attribute repository that allows attributes and object classes to be redefined separately from the AD objects. Every domain in a forest can share resources and administrative functions with the other trees in the forest. Every domain trusts every other domain in a forest. The forest is the security boundary not the domain. Trusts can be established between two forests to provide a one-way or two-way transitive trust relationship between every domain residing within each forest. For example, forest-to-forest trusts can be established between companies undergoing mergers or acquisitions, or between collaborative business extranets. One- or two-way transitive and nontransitive trusts can be established between any non-windows Kerberos v.5 realm and a Windows Server 2003 domain. Active Directory also supports one-way, nontransitive trusts for connections to Windows NT networks from an external organization. Active Directory s Physical Structure 25 September

3 Active Directory s Physical Structure consists of these basic components: site, domain controller (DC) and Global Catalog Server (GCS). A site is a high-speed subnet, or subnets, connected by a high-speed link. A domain controller is a Windows 2000 or Windows 2003 Server computer that stores a replica of the AD logical structure. Because AD s logical and physical structures are independent of each other, a single site can have multiple domains, or there can be multiple sites in a single domain. The domain controllers manage the directory structure, including: Multimaster replication change management User logon management Authentication and directory searches The Global Catalog Server is a separate Windows 2000 or Windows Server 2003 computer that stores a subset of the object attributes contained on a domain controller, including schema, configuration, a read/write copy of the local domain and partial replicas of the other domains in the forest. Once a user has successfully logged on to a DC, the user s universal group membership is obtained from the GCS and stored on the local DC cache. When the user logs into the DC again, the DC can check the cache to verify the user rather than contact the GCS. This reduces demand on slow or unreliable networks and maintains availability even if the GCS is down. AD s Group Policy features give administrators the ability to specify Group Policy settings for a site, domain or OU. Multimaster Replication Because AD is based on a multimaster replication model, changes to any AD object can be made to any domain controller in a network, and those changes will be automatically replicated to the rest of the domain controllers in the domain. The Knowledge Consistency Checker (KCC) calculates the best connections for replications to the domain controllers based on site knowledge. The following protocols are used for data replication: Remote procedure call (RPC) Active Directory replication uses RPC over IP for replication within a site. Domain, schema, configuration and global catalog replication can take place over RPC. Simple Mail Transfer Protocol (SMTP) SMTP supports schema configuration and global catalog replication. However, you cannot use SMTP to replicate the domain partition to domain controllers of the same domain. This is because some domain operations, such as Group Policy, require the support of the File Replication service (FRS), which does not yet support an asynchronous transport for replication. Only RPC can be used to replicate the domain partition. Features Specific to Windows Server 2003 family While Active Directory is operable on Windows 2000 servers and will work in mixed Windows 2000/2003/NT environments, to take advantage of all of its features, AD must be installed on a computer running Windows Server Features that work only with Windows Server 2003 include: Schema management Support for inetorgperson schema Domain Rename 25 September

4 Tools for creating cross-forest trusts Enhanced AD health monitoring Resultant Set of Policy (RSoP) tool for verifying policies in effect for any user or computer on a domain Setup Wizard Support for over 5,000 members in a Group Ability to disable replication compression Schema Management The Windows Server 2003 AD database comes with 200 object types and over 1,000 attributes. By modifying the schema, users can extend this number, as well as deactivate some, but none can be deleted. Schema modifications must be based on standard X.500 naming conventions and cannot conflict with other modifications. Schema modifications are replicated to every domain controller in the forest; to avoid AD from becoming corrupted through schema object conflict, schema modification must be managed in a structured manner. AD Application Mode For organizations that don t require the full functionality of AD, Windows Server 2003 provides AD Application Mode (AD/AM) Server, a lightweight version of AD with a different schema that provides application directories without requiring the complex authentication services inherent in AD. Upgrading to Windows Server 2003 AD Active Directory can be installed at one of the following domain functional levels: Windows 2000 mixed supports Windows NT 4.0, Windows 2000 and Windows Server 2003 family domain controllers Windows 2000 native supports Windows 2000 and Windows Server 2003 family domain controllers Windows Server 2003, Interim supports Windows NT 4.0 and Windows 2000 and Windows Server 2003 family domain controllers Windows Server 2003 supports Windows Server 2003 family domain controllers While AD can be installed on Windows NT or Windows 2000 servers, users must upgrade to the Windows Server 2003 domain functional level to take advantage of Windows Server 2003-specific features, such as schema management, support for Kerberos Key Distribution Center (KDC) version numbers, domain rename, cross-forest trusts and the inetorgperson class. Windows Server 2003, Interim is used only for direct upgrades from Windows NT 4.0 to the Windows Server 2003 family, directly bypassing Windows Windows 2000 domain controllers will not function in a Windows Server 2003, Interim installation. Domain controllers running earlier operating systems cannot be introduced into a domain functional level that does not support them. Once you have raised the domain functional level, you cannot lower it. Active Directory Migration Tool (ADMT) Version 2 of ADMT for migrating NT domains to AD adds support for password migration between domains, and scripting and command-line interfaces that allow the development and testing of migration scripts. 25 September

5 Technology Analysis AD gives the organization a great deal of flexibility in setting up its network infrastructure. However, not all structural combinations will work with every organization. For example, AD allows multilevel nesting of organization units or groups, but when deployed to more than five levels, the resultant structure can lead to poor performance. Since domain setup involves translating job functions into AD access rights, failure to account for the political aspects of this process can result in significant delays in design and deployment. It takes time to analyze the present organizational structure before changing or adapting it to AD. A documented migration plan should be in place, followed by a pilot migration, before AD is placed into production. DNS/WINS Compatibility Issues Because AD uses DNS for name resolution while Win NT domains use Windows Internet Naming Service (WINS), an NT upgrade will involve setting up a DNS server on an existing or new server and installing an additional copy of Windows 2000/2003 to run DNS. In a WinNT Server environment, a WINS server is used for name resolution and an Internet service provider s (ISP s) DNS server is used for Internet name resolution. Thus, a WinNT client is usually configured with two IP addresses, one for WINS and one for DNS. When NT clients are migrated to an AD environment that uses DNS for name resolution, all references to WINS IP addresses must be removed, and all DNS IP addresses must be reconfigured to a local DNS server rather than the ISP s Internet DNS Server. For Windows clients to access the Internet, the local DNS server must be configured to forward unresolved requests to the ISP s DNS server, Maintaining Availability In addition to migration planning, both maintenance and disaster recovery plans should be in place to guarantee maximum uptime and availability. The maintenance plan should include proactive monitoring, backups and defragmentation. Plans should include backing up and restoring the AD database in response to events that result in: A corrupted or invalid schema Missing DNS records Damaged or corrupted information An inoperable configuration Because the AD is continually in use, it is not possible to simply make a copy of it as with other database files. Instead, the AD backup utility must be used to perform a separate online backup of each DC, including the system-state data. Since all DCs in a domain are full-replica partners, a DC with no backup can still be restored from backup media (that is, tape, CD, DVD or file copy over a network). First, the AD backup utility should be used to create a backup of an existing domain controller onto external media. Then, the Active Directory Installation Wizard must be run to install the DC to the failed machine from the backup media. By default, AD runs the Garbage Collection process every 12 hours. This process removes Tombstones or remnants of deleted objects, as well as any unnecessary log files. It then performs an online defragmentation to reclaim space in the directory for new objects; however, this has no effect on file size. To reduce file size, the default online defragmentation should be supplemented with offline defragmentation to recover unused space. Offline defragmentation can be scheduled to occur on an asneeded basis by using Garbage Collection to log an event showing when the ratio of current DB size to 25 September

6 white-space content reaches a specified level. By helping to reduce the size of the AD database files, offline defragmentation can improve directory performance and availability. Desktop and Replication Requirements While all Windows clients can log into an AD domain and access shared resources, only Windows 2000 and Windows XP clients can use all of AD s features including Group Policies. Another factor that must be taken into consideration when implementing AD is replication requirements. AD won t function properly if it cannot complete its replication cycles due to inadequate network bandwidth or poorly configured DC hardware. Business Use AD is mainly deployed as an identity and applications manager for managing single sign-on, passwords, adding and deleting users, and user provisioning. Combined with Group Policy, AD controls security settings for remote desktop management, including: Automatic software distribution and installation Desktop configuration Software repair AD is also used in applications services. Third-party software, such as SAP and J.D. Edwards, can work with AD. Benefits and Risks Benefits: Desktop management Network security Ability to upgrade to Exchange 2000 which requires AD Central management of users throughout the enterprise Multimaster replication change management AD s delegation capabilities User access to millions of objects without knowledge of physical location or connection to the network Risks: AD migration and deployment involves specific costs that must be managed to minimize risk to the organization. These costs include: Windows 2000/2003 software licenses Staff retraining Third-party AD migration and management tool licenses Replacement or upgrade of older hardware devices including servers to be used as domain controllers (Microsoft s hardware compatibility list should be checked to ensure that existing hardware device drivers will continue to work with AD.) 25 September

7 Replacement or upgrade of desktop systems to take advantage of AD Group Policies Standards Table 1: Windows Server 2003 Active Directory Standards Support Standard Description Version Dynamic Host Configuration Protocol Network address management RFC 2131 DNS Dynamic update protocol Host names management RFC 2136, 2782 and 3007 Simple Network Time Protocol Distributed time service RFC 2030 Lightweight Directory Access Protocol (LDAP) v.3 Client directory access RFC 2251 LDAP C Directory application programming (API) LDAP Data Interchange Format (LDIF) Directory synchronization 2849 RFC 1823 LDAP Directory schema RFC 2247, 2252 and 2256 Kerberos v.5 Authentication RFC 1510 X.509 v# certificates Authentication ISO X.509 TCP/IP Network transport RFC 791 and 793 Technology Leaders An organization can use Microsoft-provided tools and utilities to deploy and manage AD, but users may find that the additional features provided by third-party tools make managing more complex environments easier. These products provide tools for migrating to AD from older network operating systems, as well as AD change management, monitoring, and event detection and correction. Leading vendors of AD management technologies include NetIQ ( Quest Software ( BindView Corporation ( and Aelita ( Netpro ( provides monitoring and security products for AD. Full Armor ( provides a management solution for group policies. Technology Alternatives An alternative to AD on Windows Platforms is Novell s edirectory. Insight When properly implemented, Windows Server 2003 Active Directory can enhance productivity and security within any size organization. These benefits, however, do not come without incurring substantial costs in licensing, hardware and network upgrades, staffing, setup and maintenance. 25 September

What CIOs Want to Know About Microsoft Active Directory

What CIOs Want to Know About Microsoft Active Directory IGG-01222003-01 J. Enck Article 22 January 2003 What CIOs Want to Know About Microsoft Active Directory Active Directory deployments are increasing and so are questions about the technology. Gartner addresses

More information

WINDOWS 2000 Training Division, NIC

WINDOWS 2000 Training Division, NIC WINDOWS 2000 Active TE Directory Services WINDOWS 2000 Training Division, NIC Active Directory Stores information about objects on the network and makes this information easy for administrators and users

More information

Forests, trees, and domains

Forests, trees, and domains Active Directory is a directory service used to store information about the network resources across a. An Active Directory (AD) structure is a hierarchical framework of objects. The objects fall into

More information

9. Which is the command used to remove active directory from a domain controller? Answer: Dcpromo /forceremoval

9. Which is the command used to remove active directory from a domain controller? Answer: Dcpromo /forceremoval 1. What is Active Directory schema? Answer: The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. 2. What is global catalog

More information

Lesson Plans LabSim for Microsoft s Implementing a Server 2003 Active Directory Infrastructure

Lesson Plans LabSim for Microsoft s Implementing a Server 2003 Active Directory Infrastructure Lesson Plans LabSim for Microsoft s Implementing a Server 2003 Active Directory Infrastructure (Exam 70-294) Table of Contents Course Overview... 2 Section 1.1: Introduction to Active Directory... 3 Section

More information

Introduction to Active Directory Services

Introduction to Active Directory Services Introduction to Active Directory Services Tom Brett A DIRECTORY SERVICE A directory service allow businesses to define manage, access and secure network resources including files, printers, people and

More information

Windows Server 2003 Active Directory MST 887. Course Outline

Windows Server 2003 Active Directory MST 887. Course Outline Content and/or textbook subject to change without notice. Pennsylvania College of Technology Workforce Development & Continuing Education Windows Server 2003 Active Directory MST 887 Course Outline Course

More information

Windows.NET Beta 3 Active Directory New Features

Windows.NET Beta 3 Active Directory New Features Windows.NET Beta 3 Active Directory New Features Wolfgang Werner Compaq Decus Bonn 2002 Agenda Install Replica from Media Domain Controller Rename Domain Rename Universal Group Membership Caching Linked

More information

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Length: 5 Days Published: June 02, 2011 Language(s): English Audience(s): IT Professionals Level: 200

More information

Configuring and Troubleshooting Windows 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows 2008 Active Directory Domain Services About this Course Configuring and Troubleshooting Windows This five-day instructor-led course provides in-depth training on implementing, configuring, managing and troubleshooting Active Directory Domain

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Active Directory About this Course This five-day instructor-led course provides in-depth training on implementing, configuring, managing and troubleshooting (AD DS) in and R2 environments. It covers core

More information

NE-6425C Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

NE-6425C Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services NE-6425C Configuring and Troubleshooting Windows Server 2008 Active Domain Services Summary Duration Vendor Audience 5 Days Microsoft IT Professionals Published Level Technology 02 June 2011 200 Windows

More information

6425C - Windows Server 2008 R2 Active Directory Domain Services

6425C - Windows Server 2008 R2 Active Directory Domain Services Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Introduction This five-day instructor-led course provides in-depth training on configuring Active Directory Domain Services

More information

Designing the Active Directory Structure

Designing the Active Directory Structure 253 CHAPTER 9 Designing the Active Directory Structure Microsoft Windows 2000 Server includes a directory service called Active Directory. The Active Directory concepts, architectural elements, and features

More information

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services www.etidaho.com (208) 327-0768 Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services 5 Days About this Course This five-day instructor-led course provides in-depth

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course Details Course Outline Module 1: Introducing Active Directory Domain Services This module provides

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course Code: M6425 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Overview This five-day instructor-led course

More information

MS-6425C - Configuring Windows Server 2008 Active Directory Domain Services

MS-6425C - Configuring Windows Server 2008 Active Directory Domain Services MS-6425C - Configuring Windows Server 2008 Active Directory Domain Services Table of Contents Introduction Audience At Clinic Completion Prerequisites Microsoft Certified Professional Exams Student Materials

More information

MCSE Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring

MCSE Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring MCSE Objectives Exam 70-236: TS:Exchange Server 2007, Configuring Installing and Configuring Microsoft Exchange Servers Prepare the infrastructure for Exchange installation. Prepare the servers for Exchange

More information

Active Directory. By: Kishor Datar 10/25/2007

Active Directory. By: Kishor Datar 10/25/2007 Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory Collection of related objects Files, Printers, Fax servers etc. Directory Service Information needed to use and manage

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Length: 5 Days Language(s): English Audience(s): IT Professionals Level: 200 Technology: Windows Server

More information

Course 6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425B: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services About this Course This five-day instructor-led course provides to teach Active Directory Technology Specialists

More information

CGIAR Active Directory Design Assessment DRAFT. 18 September 2007

CGIAR Active Directory Design Assessment DRAFT. 18 September 2007 CGIAR Active Directory Design Assessment DRAFT 18 September 2007 1170 Hamilton Court Menlo Park, California 94025 www.cgnet.com Table of Contents 1. Executive Summary...3 2. Introduction...4 3. Alternative

More information

ExecuTrain Course Outline Configuring & Troubleshooting Windows Server 2008 Active Directory Domain Services MOC 6425C 5 Days

ExecuTrain Course Outline Configuring & Troubleshooting Windows Server 2008 Active Directory Domain Services MOC 6425C 5 Days ExecuTrain Course Outline Configuring & Troubleshooting Windows Server 2008 Active Directory Domain Services MOC 6425C 5 Days Introduction This five-day instructor-led course provides in-depth training

More information

MCTS Guide to Microsoft Windows 7. Chapter 13 Enterprise Computing

MCTS Guide to Microsoft Windows 7. Chapter 13 Enterprise Computing MCTS Guide to Microsoft Windows 7 Chapter 13 Enterprise Computing Objectives Understand Active Directory Use Group Policy to control Windows 7 Control device installation with Group Policy settings Plan

More information

Restructuring Active Directory Domains Within a Forest

Restructuring Active Directory Domains Within a Forest C H A P T E R 1 2 Restructuring Active Directory Domains Within a Forest Restructuring Active Directory directory service domains within a forest with the goal of reducing the number of domains allows

More information

6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course Details Course Code: Duration: Notes: 6425C 5 days This course syllabus should be used to determine whether

More information

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Five Days, Instructor-Led About this course This five-day instructor-led course provides in-depth training

More information

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003:

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: MCSE SYLLABUS Course Contents : Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: Managing Users, Computers and Groups. Configure access to shared folders. Managing and Maintaining

More information

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10

Table Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10 Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain MOC 6425

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain MOC 6425 Configuring and Troubleshooting Windows Server 2008 Active Directory Domain MOC 6425 Course Outline Module 1: Introducing Active Directory Domain Services This module provides an overview of Active Directory

More information

70-640 R4: Configuring Windows Server 2008 Active Directory

70-640 R4: Configuring Windows Server 2008 Active Directory 70-640 R4: Configuring Windows Server 2008 Active Directory Course Introduction Course Introduction Chapter 01 - Installing the Active Directory Role Lesson: What is IDA? What is Active Directory Identity

More information

Active Directory Restructuring Recommendations

Active Directory Restructuring Recommendations Active Directory Restructuring Recommendations Version 2.0 - Final September 7, 2004 Authored By: Jenn Goth Microsoft Services jgoth@microsoft.com Contributors: Brian Redmond Microsoft Services briar@microsoft.com

More information

MCSA Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring

MCSA Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring MCSA Objectives Exam 70-236: TS:Exchange Server 2007, Configuring Installing and Configuring Microsoft Exchange Servers Prepare the infrastructure for Exchange installation. Prepare the servers for Exchange

More information

Course 6425C: Five days

Course 6425C: Five days CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425C: Five

More information

Planning Domain Controller Capacity

Planning Domain Controller Capacity C H A P T E R 4 Planning Domain Controller Capacity Planning domain controller capacity helps you determine the appropriate number of domain controllers to place in each domain that is represented in a

More information

Windows Server 2008 Active Directory Resource Kit

Windows Server 2008 Active Directory Resource Kit Windows Server 2008 Active Directory Resource Kit Stan Reimer, Conan Kezema, Mike Mulcare, and Byron Wright with the Microsoft Active Directory Team To learn more about this book, visit Microsoft Learning

More information

Configuring Windows Server 2008 Active Directory

Configuring Windows Server 2008 Active Directory Configuring Windows Server 2008 Active Directory Course Number: 70-640 Certification Exam This course is preparation for the Microsoft Technical Specialist (TS) exam, Exam 70-640: TS: Windows Server 2008

More information

Designing the Active Directory

Designing the Active Directory CHAPTER 3 Designing the Active Directory IN THIS CHAPTER Introducing Active Directory 79 Designing the Solution: Using the Active Directory Blueprint 87 Putting the Blueprint into Action 89 Forest/Tree/Domain

More information

Websense Support Webinar: Questions and Answers

Websense Support Webinar: Questions and Answers Websense Support Webinar: Questions and Answers Configuring Websense Web Security v7 with Your Directory Service Can updating to Native Mode from Active Directory (AD) Mixed Mode affect transparent user

More information

MOC 6436A: Designing Active Directory Infrastructure and Services in Windows Server 2008

MOC 6436A: Designing Active Directory Infrastructure and Services in Windows Server 2008 MOC 6436A: Designing Active Directory Infrastructure and Services in Windows Server 2008 Course Number: 6436A Course Length: 5 Days Course Overview At the end of this five-day course, students will learn

More information

IT ACADEMY LESSON PLAN. Microsoft Windows Server Active Directory

IT ACADEMY LESSON PLAN. Microsoft Windows Server Active Directory 2008 IT ACADEMY LESSON PLAN Microsoft Windows Server Active Directory Microsoft Windows Server 2008 Active Directory: Lesson Plans Introduction Preparing to teach a course on Microsoft Windows Server 2008

More information

MCSE 2003. Core exams (Networking) One Client OS Exam. Core Exams (6 Exams Required)

MCSE 2003. Core exams (Networking) One Client OS Exam. Core Exams (6 Exams Required) MCSE 2003 Microsoft Certified Systems Engineer (MCSE) candidates on the Microsoft Windows Server 2003 track are required to satisfy the following requirements: Core Exams (6 Exams Required) Four networking

More information

Module 7: Implementing Sites to Manage Active Directory Replication

Module 7: Implementing Sites to Manage Active Directory Replication Module 7: Implementing Sites to Manage Active Directory Replication Contents Overview 1 Lesson: Introduction to Active Directory Replication 2 Lesson: Creating and Configuring Sites 14 Lesson: Managing

More information

How the Active Directory Installation Wizard Works

How the Active Directory Installation Wizard Works How the Active Directory Installation Wizard Works - Directory Services: Windows Serv... Page 1 of 18 How the Active Directory Installation Wizard Works In this section Active Directory Installation Wizard

More information

Managing an Active Directory Infrastructure

Managing an Active Directory Infrastructure 3 CHAPTER 3 Managing an Active Directory Infrastructure Objectives This chapter covers the following Microsoft-specified objectives for the Planning and Implementing an Active Directory Infrastructure

More information

Designing a Windows Server 2008 Active Directory Infrastructure and Services

Designing a Windows Server 2008 Active Directory Infrastructure and Services Course Code: M6436 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Designing a Windows Server 2008 Active Directory Infrastructure and Services Overview During this five-day course, delegates

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course Number: 6425C Course Length: 5 Days Course Overview This five-day course provides in-depth training on implementing,

More information

Designing Windows Server 2008 Active Directory Infrastructure and Services Course 6436B; 5 Days, Instructor-led

Designing Windows Server 2008 Active Directory Infrastructure and Services Course 6436B; 5 Days, Instructor-led Designing Windows Server 2008 Active Directory Infrastructure and Services Course 6436B; 5 Days, Instructor-led Course Description During this five-day course, students will learn how to design an Active

More information

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician Course 50331D: Windows 7, Enterprise Desktop Support Technician Page 1 of 11 Windows 7, Enterprise Desktop Support Technician Course 50331D: 4 days; Instructor-Led Introduction This four-day instructor-ledcourse

More information

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Windows 7, Enterprise Desktop Support Technician Course 50331: 5 days; Instructor-led

More information

RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide

RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide RSA Authentication Manager 7.1 Microsoft Active Directory Integration Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks

More information

Module 1: Introduction to Active Directory Infrastructure

Module 1: Introduction to Active Directory Infrastructure Module 1: Introduction to Active Directory Infrastructure Contents Overview 1 Lesson: The Architecture of Active Directory 2 Lesson: How Active Directory Works 10 Lesson: Examining Active Directory 19

More information

The Windows Server 2003 Environment. Introduction. Computer Roles. Introduction to Administering Accounts and Resources. Lab 2

The Windows Server 2003 Environment. Introduction. Computer Roles. Introduction to Administering Accounts and Resources. Lab 2 Islamic University of Gaza College of Engineering Computer Department Computer Networks Lab Introduction to Administering Accounts and Resources Prepared By: Eng.Ola M. Abd El-Latif Mar. /2010 0 :D Objectives

More information

Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements

Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements Analyze the impact of Active Directory on the existing technical environment. Analyze hardware and software

More information

Dell Compellent Storage Center

Dell Compellent Storage Center Dell Compellent Storage Center Active Directory Integration Best Practices Guide Dell Compellent Technical Solutions Group January, 2013 THIS BEST PRACTICES GUIDE IS FOR INFORMATIONAL PURPOSES ONLY, AND

More information

"Charting the Course... ... to Your Success!" MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary

Charting the Course... ... to Your Success! MOC 50331 D Windows 7 Enterprise Desktop Support Technician Course Summary Description Course Summary This course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows 7 desktop or laptop computer. It will also help test

More information

Managing and Maintaining a Windows Server 2003 Network Environment

Managing and Maintaining a Windows Server 2003 Network Environment Managing and maintaining a Windows Server 2003 Network Environment. AIM This course provides students with knowledge and skills needed to Manage and Maintain a Windows Server 2003 Network Environment.

More information

University of Maryland Active Directory Policies

University of Maryland Active Directory Policies University of Maryland Active Directory Policies Purpose of this policy Scope AD Forest Forest Schema & Data Visibility Account and Group Synchronization Account Creation and Password Forest Security Principle

More information

MICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track

MICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track MICROSOFT CERTIFIED SYSTEMS ENGINEER Windows 2003 Track In recent years Microsoft s MCSE programs has established itself as the premier computer and networking industry certification. For the Windows 2003

More information

Microsoft. Official Course. Introduction to Active Directory Domain Services. Module 2

Microsoft. Official Course. Introduction to Active Directory Domain Services. Module 2 Microsoft Official Course Module 2 Introduction to Active Directory Domain Services Module Overview Overview of AD DS Overview of Domain Controllers Installing a Domain Controller Lesson 1: Overview of

More information

Chapter 3: Building Your Active Directory Structure Objectives

Chapter 3: Building Your Active Directory Structure Objectives Chapter 3: Building Your Active Directory Structure Page 1 of 46 Chapter 3: Building Your Active Directory Structure Objectives Now that you have had an introduction to the concepts of Active Directory

More information

ADMT v3.1 Guide: Migrating and Restructuring Active Directory Domains

ADMT v3.1 Guide: Migrating and Restructuring Active Directory Domains ADMT v3.1 Guide: Migrating and Restructuring Active Directory Domains Microsoft Corporation Published: July 2008 Authors: Moon Majumdar, Brad Mahugh Editors: Jim Becker, Fran Tooke Abstract This guide

More information

Windows Server 2008 R2 Essentials

Windows Server 2008 R2 Essentials Windows Server 2008 R2 Essentials Installation, Deployment and Management 2 First Edition 2010 Payload Media. This ebook is provided for personal use only. Unauthorized use, reproduction and/or distribution

More information

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 12

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 12 Course Page - Page 1 of 12 Windows 7 Enterprise Desktop Support Technician M-50331 Length: 5 days Price: $2,795.00 Course Description This five-day instructor-led course provides students with the knowledge

More information

Actualtests.com - The Power of Knowing

Actualtests.com - The Power of Knowing Explanation: We should use Global Security groups. QUESTION 87 You are the network administrator for Certkiller.com. Your network consists of a single Active Directory domain named Certkiller.com. All

More information

Introduction to Auditing Active Directory

Introduction to Auditing Active Directory Introduction to Auditing Active Directory Prepared and presented by: Tanya Baccam CPA, CITP, CISSP, CISA, CISM, GPPA, GCIH, GSEC, OCP DBA Baccam Consulting LLC tanya@securityaudits.org Objectives Understand

More information

Agency Pre Migration Tasks

Agency Pre Migration Tasks Agency Pre Migration Tasks This document is to be provided to the agency and will be reviewed during the Migration Technical Kickoff meeting between the ICS Technical Team and the agency. Network: Required

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services 6425 - Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Duration: 5 days Course Price: $2,975 Software Assurance Eligible Course Description Microsoft Windows Server

More information

Active Directory. Learning Objective. Active Directory

Active Directory. Learning Objective. Active Directory (November 19, 2015) Abdou Illia, Fall 2015 1 Learning Objective Use concepts Namespace DNS Global Catalog Schema Class Tree Forest Organizational Units 2 AD = A Central Database on a Domain Controller

More information

2003 O/S. when installed (gets installed as a stand alone server) to promoting to D.C. We have to install A.D.

2003 O/S. when installed (gets installed as a stand alone server) to promoting to D.C. We have to install A.D. ACTIVE DIRECTORY AD: Is a centralized database where it contains the information about the objects like users, groups, computers, printers etc. AD is a centralized hierarchical Directory Database. AD is

More information

ADMT v3 Migration Guide

ADMT v3 Migration Guide ADMT v3 Migration Guide Microsoft Corporation Published: November 2006 Abstract This guide explains how to use the Active Directory Migration Tool version 3 (ADMT v3) to restructure your operating environment.

More information

Unit 11: Installing, Configuring and Administering Microsoft Windows Professional

Unit 11: Installing, Configuring and Administering Microsoft Windows Professional Unit 11: Installing, Configuring and Administering Microsoft Windows Professional Learning Outcomes A candidate following a programme of learning leading to this unit will be able to: Log on, access and

More information

Implementing and Supporting Microsoft Windows XP Professional

Implementing and Supporting Microsoft Windows XP Professional Implementing and Supporting Microsoft Windows XP Professional Key Data Course #: 2272C Number of Days: 5 Format: Instructor-led The purpose of this course is to address the implementation and desktop support

More information

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION

ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE CATALOG DESCRIPTION ANNE ARUNDEL COMMUNITY COLLEGE ARNOLD, MARYLAND COURSE OUTLINE COURSE: Windows 2003 Server COURSE NO: CSI 265 CREDIT HOURS: 3 hours of lecture weekly DEPARTMENT: CATALOG DESCRIPTION CSI 265 Windows 2003

More information

Module 10: Maintaining Active Directory

Module 10: Maintaining Active Directory Module 10: Maintaining Active Directory Contents Overview 1 Lesson: Introduction to Maintaining Active Directory 2 Lesson: Moving and Defragmenting the Active Directory Database 6 Lesson: Backing Up Active

More information

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course Number: 6425B Course Length: 5 Days Course Overview This five-day course provides to teach Active Directory Technology

More information

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed. CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! 50331 - Windows 7, Enterprise Desktop Support Technician Duration: 5 days About this Course This five-day

More information

8.7. Target Exchange 2010 Environment Preparation

8.7. Target Exchange 2010 Environment Preparation 8.7 Target Exchange 2010 Environment Preparation 2011 Quest Software, Inc. ALL RIGHTS RESERVED. This document contains proprietary information protected by copyright. The software described in this document

More information

Network System Management. Creating an Active Directory Domain

Network System Management. Creating an Active Directory Domain Network System Management Creating an Active Directory Domain Objectives Identify the procedures involved in the promotion of a stand-alone Windows Server to an active directory services (ADS) domain controller

More information

Directory, Configuring

Directory, Configuring MCTS 70-640 Cert Guide: Windows Server 2008 Active Directory, Configuring Don Poulton Pearson 800 East 96th Street Indianapolis, Indiana 46240 USA iv MCTS 70-640 Cert Guide: Windows Server 2008 Active

More information

ITKwebcollege.ADMIN-Basics Fundamentals of Microsoft Windows Server

ITKwebcollege.ADMIN-Basics Fundamentals of Microsoft Windows Server ITKwebcollege.ADMIN-Basics Fundamentals of Microsoft Windows Server Inhalte Teil 01 Network Architecture Standards Network Components and Terminology Network Architecture Network Media Access Control Methods

More information

MOC 5047B: Intro to Installing & Managing Microsoft Exchange Server 2007 SP1

MOC 5047B: Intro to Installing & Managing Microsoft Exchange Server 2007 SP1 MOC 5047B: Intro to Installing & Managing Microsoft Exchange Server 2007 SP1 Course Number: 5047B Course Length: 3 Days Certification Exam This course will help you prepare for the following Microsoft

More information

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

Open Directory. Apple s standards-based directory and network authentication services architecture. Features Open Directory Apple s standards-based directory and network authentication services architecture. Features Scalable LDAP directory server OpenLDAP for providing standards-based access to centralized data

More information

CA ARCserve and CA XOsoft r12.5 Best Practices for protecting Microsoft SQL Server

CA ARCserve and CA XOsoft r12.5 Best Practices for protecting Microsoft SQL Server CA RECOVERY MANAGEMENT R12.5 BEST PRACTICE CA ARCserve and CA XOsoft r12.5 Best Practices for protecting Microsoft SQL Server Overview Benefits The CA Advantage The CA ARCserve Backup Support and Engineering

More information

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR DOCUMENTUM @ EROOM

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR DOCUMENTUM @ EROOM SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR DOCUMENTUM @ EROOM Abstract This paper explains how to setup Active directory service on windows server 2008.This guide also explains about how to install

More information

Introduction. Versions Used Windows Server 2003

Introduction. Versions Used Windows Server 2003 Training Installing Active Directory Introduction As SonicWALL s products and firmware keeps getting more features that are based on integration with Active Directory, e.g., Active Directory Connector

More information

המרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב ע"ש ספיר

המרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב עש ספיר מודולות הלימוד של מייקרוסופט הקורס מחולק ל 4 מודולות כמפורט:.1Configuring Microsoft Windows Vista Client 70-620 Installing and upgrading Windows Vista Identify hardware requirements. Perform a clean installation.

More information

Best Practices for Designing a Secure Active Directory: Multi-Org Exchange Edition. written by Dmitry Sotnikov, Aelita Software.

Best Practices for Designing a Secure Active Directory: Multi-Org Exchange Edition. written by Dmitry Sotnikov, Aelita Software. Best Practices for Designing a Secure Active Directory: Multi-Org Exchange Edition written by Dmitry Sotnikov, Aelita Software White Paper Abstract This paper discusses how to select the optimal design

More information

Owner of the content within this article is www.msexchange.org Written by Marc Grote www.it-training-grote.de

Owner of the content within this article is www.msexchange.org Written by Marc Grote www.it-training-grote.de Owner of the content within this article is www.msexchange.org Written by Marc Grote www.it-training-grote.de Microsoft Exchange 2003 GAL Sync with the Identity Integration Feature Pack (IIFP) Written

More information

With Windows Server 2003 Active Directory

With Windows Server 2003 Active Directory Understanding Active Directory Domains and Trusts With Windows Server 2003 Active Directory Domains and Trusts structure, you can control the information flow, access to resources, security, and the type

More information

50331D Windows 7, Enterprise Desktop Support Technician (Windows 10 Curriculum)

50331D Windows 7, Enterprise Desktop Support Technician (Windows 10 Curriculum) This course can be purchased by authorized Microsoft Learning Centers at the Courseware Marketplace web-site. Microsoft Certified Trainers (MCTs) can get a free copy at the same website. About the Course

More information

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware

RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware RSA Authentication Manager 7.1 to 8.1 Migration Guide: Upgrading RSA SecurID Appliance 3.0 On Existing Hardware Contact Information Go to the RSA corporate website for regional Customer Support telephone

More information

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services

Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course 6425C: Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Course OutlineModule 1: Introducing Active Directory Domain Services This module provides an overview

More information

The Administrator Shortcut Guide tm. Active Directory Security. Derek Melber, Dave Kearns, and Beth Sheresh

The Administrator Shortcut Guide tm. Active Directory Security. Derek Melber, Dave Kearns, and Beth Sheresh The Administrator Shortcut Guide tm To Active Directory Security Derek Melber, Dave Kearns, and Beth Sheresh Chapter 4: Delegating Administrative Control...68 Data Administration...69 Delegating GPO Administration

More information

Administering Active Directory. Administering Active Directory. Reading. Review: Organizational Units. Review: Domains. Review: Domain Trees

Administering Active Directory. Administering Active Directory. Reading. Review: Organizational Units. Review: Domains. Review: Domain Trees Reading Read over the Active Directory material in your Network+ Guide I will be providing important materials Administering Active Directory If you don t understand certain concepts, please ask for help!

More information

Preparing leaders by blending high-demand tech skills with soft skills. Directory Services. General Course Syllabus. Prerequisites: IT 463

Preparing leaders by blending high-demand tech skills with soft skills. Directory Services. General Course Syllabus. Prerequisites: IT 463 Preparing leaders by blending high-demand tech skills with soft skills. IT 464 Directory Services General Course Syllabus 4 Credits Course Description This course teaches students through lectures, discussions,

More information

MCSA Security + Certification Program

MCSA Security + Certification Program MCSA Security + Certification Program 12 credit hours 270 hours to complete certifications Tuition: $4500 Information technology positions are high-demand occupations that support virtually all industries.

More information

70-417: Upgrading Your Skills to MCSA Windows Server 2012

70-417: Upgrading Your Skills to MCSA Windows Server 2012 70-417: Upgrading Your Skills to MCSA Windows Server 2012 Course Overview This course prepares students to demonstrate your real-world knowledge of Windows Server 2012 core infrastructure services. Exam

More information

Exchange Server Cookbook

Exchange Server Cookbook Exchange Server Cookbook Paul Robichaux, Missy Koslosky, and Devin t. Ganger CREILLT Beijing Cambridge Farnham Köln Paris Sebastopol Taipei Tokyo Table of Contents Preface xi 1. Getting Started 1 Cooking

More information