Active Directory. Learning Objective. Active Directory




Transcription:

(November 19, 2015) Abdou Illia, Fall 2015

Learning Objective
Use concepts:
- Namespace
- DNS
- Global Catalog
- Schema
- Class
- Tree
- Forest
- Organizational Units

AD = A central database on a Domain Controller for storing network resources and security policies + tools for managing network resources (find, add, remove, etc.)

[Figure: Win 2000 Pro Workstation, User, Printer, Group, Security Policies, Win NT Server, Win 2000 Server]

AD is used for:
- Resource lookup (searching for specific resources)
- User authentication (login)

structure
- Individual resources are called objects
- Objects belong to classes
- Each class has its own attributes defined in the Schema

[Figure labels: Default classes: Domain, Shared folder, User Account, Computer, Group, Printer, Shared Drive. Object classes: User account, Computer, Printer, Domain]

Schema
Schema = Database design. Elements used in the definition of each object contained in the
- Object name
- Object's Globally Unique Identifier (GUID)
- Required attributes
- Optional attributes
- Syntax
- Parent relationship
Examples: Username, User's full name, Password
Examples: Account description, Remote access OK

Replication
- In a Windows 200 network, you can create multiple domain controllers (DCs)
- Each DC stores a copy of the
- Each DC replicates changes in its copy of to other DCs.

[Figure: Replications]

Global catalog (GC)
During AD installation, W200 Server creates a Global Catalog on the 1st DC.
The Global Catalog stores:
- Information about all objects in the initial DC
- Partial information about objects in other domains (attributes needed for search)
An index and partial replica of objects and attributes most often used in AD database.

Global Catalog (GC)
Common attributes stored in the GC: users' first and last names, logon names, email address.
GC is primarily for:
- Enabling users to find AD information from anywhere in the forest
- Providing authentication services when a user from another domain logs on with a User Principal Name (e.g. john@east.contoso.com)
- Responding to directory lookup from application programs like Microsoft Exchange
When a Global Catalog server is not available, the user can only log on to the local computer.

Namespace and DNS
- Domain Name Service (DNS): Service that performs name resolutions, i.e. conversions between IP addresses and domain names
- Name resolutions take place in a logical area of the network called Namespace
- A Namespace includes (1) the Active Directory, which contains named objects and (2) one or more DNS servers

Types of namespaces
- Contiguous namespace: A namespace in which every child object contains the name of its parent object
  [Figure: Contiguous Namespace: abc.com, div1.abc.com, div2.abc.com, dept1.div1.abc.com, dept1.div2.abc.com]
- Disjointed namespace: A namespace in which the child object name does not resemble the name of its parent object
  [Figure: Disjointed Namespace: ethicsresearch.com, university.edu, technology.com, bio.ethicsresearch.com, cell.technology.com]
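Added example (not part of the original slides): a check that applies the two namespace definitions above to a domain hierarchy and splits it into contiguous groups. The domain names are the ones on the slide; the parent links of the disjointed hierarchy and all function names are assumptions made for the example.

```python
# Domain hierarchies as child -> parent maps (None marks the top domain).
# Names are from the slide; the parent links of DISJOINTED are assumed.
CONTIGUOUS = {
    "abc.com": None,
    "div1.abc.com": "abc.com",
    "div2.abc.com": "abc.com",
    "dept1.div1.abc.com": "div1.abc.com",
    "dept1.div2.abc.com": "div2.abc.com",
}
DISJOINTED = {
    "university.edu": None,
    "ethicsresearch.com": "university.edu",
    "technology.com": "university.edu",
    "bio.ethicsresearch.com": "ethicsresearch.com",
    "cell.technology.com": "technology.com",
}


def normalize(name):
    """Lower-case a DNS name and drop the optional trailing root dot."""
    return name.strip().rstrip(".").lower()


def extends(child, parent):
    """True when child is parent with extra labels on the left.

    The leading dot matters: xabc.com ends with abc.com as a string but is
    not inside the abc.com namespace.
    """
    return child.endswith("." + parent)


def contiguous_groups(hierarchy):
    """Map each group root to the sorted domains whose names chain up to it."""
    links = {normalize(c): normalize(p) if p else None for c, p in hierarchy.items()}
    groups = {}
    for domain in links:
        root, parent = domain, links[domain]
        while parent is not None and extends(root, parent):
            root, parent = parent, links.get(parent)
        groups.setdefault(root, []).append(domain)
    return {root: sorted(members) for root, members in groups.items()}


def classify(hierarchy):
    """'contiguous' when the whole hierarchy forms a single group."""
    return "contiguous" if len(contiguous_groups(hierarchy)) == 1 else "disjointed"
```

Each group returned for a disjointed hierarchy is itself a contiguous namespace, which is useful when reviewing which domains share a naming root.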

Active directory and DNS
AD cooperates with DNS during logon process

[Figure: Workstation, DNS Server and Domain Controller, with the addresses 10.1.10.25 and 10.1.0.1. Messages shown: "I need Domain Controller IP address"; "IP address is"; "Log on request for userid = john; pswd = ab10; protocol = LDAP"; "Authentication = Yes; userid = john; pswd = ab10; protocol = LDAP"]

fname   lname    userid   OU      domain
Lizza   Frulla   Liz      Sales   contoso.com
John    Doe      John     Mktg    contoso.com

1) Workstation sends a DNS request for getting a DC IP address
2) DNS server sends requested IP address
3) Workstation sends a logon request to the DC with the user's credentials
4) DC sends back authentication response to workstation

Active directory and DNS
AD cooperates with DNS in locating network resources and services

[Figure: Workstation, DNS Server and Domain Controller, with the addresses 10.1.10.25 and 10.1.0.1 and the same directory table. Messages shown: "I need Domain Controller IP address"; "IP address is"; "Lookup request for firstname = john; lastname = Doe; protocol = LDAP"; "CN = John Doe, OU = Mktg, DC = contoso, DC = com"]

1) Workstation sends a DNS request for getting a DC IP address
2) DNS server sends requested IP address
3) Workstation sends the DC a request for locating a user account
4) DC sends back the user's unique Distinguished Name

Tree
A tree contains one or more domains and has the following characteristics:
1) Domains are represented in a contiguous namespace
2) Two-way trust relationships between domains (each domain can access other domain resources)
3) Member domains use the same Schema and Global Catalog

[Figure: tracksport.com, east.tracksport.com, south.tracksport.com, west.tracksport.com, north.tracksport.com]
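Added example (not part of the original slides): the four-step lookup from the second "Active directory and DNS" slide, simulated offline with the slide's two directory rows. The DC host name and address are placeholders, mapping firstname/lastname to the givenName and sn attributes is an assumption, and the escaping helpers show how the request values are kept literal when the LDAP filter and the distinguished name are built.

```python
# Constructed data: rows copied from the slide's table; the DC host name and
# address are placeholders, the slide does not give them.
DIRECTORY = [
    {"fname": "Lizza", "lname": "Frulla", "userid": "Liz", "ou": "Sales", "domain": "contoso.com"},
    {"fname": "John", "lname": "Doe", "userid": "John", "ou": "Mktg", "domain": "contoso.com"},
]
DNS_ZONE = {"_ldap._tcp.dc._msdcs.contoso.com": ("dc1.contoso.com", "192.0.2.10")}


def locate_dc(domain):
    """Steps 1-2: resolve the SRV name under which AD registers its DCs."""
    return DNS_ZONE[f"_ldap._tcp.dc._msdcs.{domain.lower()}"]


def escape_filter(value):
    """RFC 4515: hex-escape backslash, *, (, ) and NUL so input stays literal."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\0" else c for c in value)


def escape_dn(value):
    """RFC 4514: escape characters that would end or split a DN component."""
    out = "".join("\\" + c if c in ',+"\\<>;' else c for c in value)
    if out.endswith(" "):
        out = out[:-1] + "\\ "
    if out[:1] in ("#", " "):
        out = "\\" + out
    return out


def build_dn(row):
    """Step 4: the distinguished name the DC returns for a directory row."""
    cn = escape_dn(f"{row['fname']} {row['lname']}")
    dcs = ",".join(f"DC={escape_dn(label)}" for label in row["domain"].split("."))
    return f"CN={cn},OU={escape_dn(row['ou'])},{dcs}"


def lookup(first, last, domain="contoso.com"):
    """Return (dc_host, ldap_filter, matching DNs) for one lookup request."""
    domain = domain.lower()
    dc_host, _dc_ip = locate_dc(domain)
    ldap_filter = f"(&(givenName={escape_filter(first)})(sn={escape_filter(last)}))"
    # The simulated DC compares literal values, ignoring case as AD does for names.
    wanted = (first.lower(), last.lower())
    hits = [build_dn(r) for r in DIRECTORY
            if r["domain"] == domain and (r["fname"].lower(), r["lname"].lower()) == wanted]
    return dc_host, ldap_filter, hits
```

With escaping in place, a request value of `*` is sent as the literal `\2a` and matches no account instead of every account.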

Forest
Usually, a forest consists of more than one tree and has the following characteristics:
1) The trees use a disjointed namespace
2) All trees use the same Schema and Global Catalog
Trust relationship between root domains of each tree

[Figure: partplus.com, toronto.partplus.com, detroit.partplus.com, florence., atlanta., chicago., mexicocity., beijing., valencia.]

Site
A TCP/IP concept used to reflect the physical design of the network. It has the following characteristics:
1) Represents one or more IP subnets at the same location
2) High speed connection in the same site
3) Low speed connection between sites

[Figure: Site 1, Site 2, Site; low speed connections. Microsoft.com: single domain with single site. Microsoft.com: single domain with multiple sites]

Organizational Unit (OU)
- Similar to having subfolders in a folder
- Grouping of related objects, such as user accounts, computers and printers, for easier management.
- OUs reflect functional structure of organization
- Objects are grouped in an OU to be administered using the same group policy.

[Figure: Manufacturing Division OU, Distribution Division OU]

Summary Questions

1) In AD, a ____ stores information about all the objects in the initial DC and partial information about objects in other domains
   a) Forest
   b) Global Catalog
   c) Namespace
   d) Schema
   e) Site

2) Which of the following is a 128-bit number (that cannot change) assigned to an object?
   a) User Principal Name
   b) Universal Name
   c) Globally Unique Identifier

3) When combining domains in a tree, you have named the parent domain university.com while the two child domains added to this parent are named computerscience.university.com and history.university.com. Which of the following options have you selected for naming the domains?
   a) Disjointed
   b) Contiguous
   c) User Principal Name
   d) Globally Unique Identifier

4) In, a ____ represents the design of the AD database. It contains the definition of objects' attributes.
   a) Class
   b) Global Catalog
   c) Namespace
   d) Schema

5) Which of the following statements is/are true regarding a site?
   a) High speed connections are used in the site, whereas low speed connections are used between sites
   b) A site represents one or more subnets at the same physical location.
   c) All of the above

6) Trees in a forest use:
   a) Different Global catalogs
   b) Same schema
   c) Always use the same naming structure

7) A(n) ____ is a grouping of related objects, usually based on the functional structure of the organization
   a) Site
   b) Organizational Unit
   c) Tree