Module 1: Introduction to Active Directory


Overview
- Introduction to Active Directory
- Active Directory Logical Structure
- Role of DNS in Active Directory
- Active Directory Physical Structure
- Methods for Administering a Windows 2000 Network

Introduction to Active Directory
- What Is Active Directory?
- Active Directory Objects
- Active Directory Schema
- Lightweight Directory Access Protocol (LDAP)

What Is Active Directory?
Directory Service Functionality
- Organize
- Manage
- Control Resources
Centralized Management
- Single point of administration
- Full user access to directory resources by a single logon

Active Directory Objects
- Objects Represent Network Resources
- Attributes Store Information About an Object
[Diagram: Active Directory containing the objects Printers (Printer1, Printer2, Printer3) and Users (Don Hall, Suzan Fine). Printer attributes: Printer Name, Printer Location. User attributes: First Name, Last Name, Logon Name. Label: Attribute Value.]

Active Directory Schema
- Object Class Examples: Computers, Users, Printers
- Attributes of Users Might Contain: accountexpires, department, distinguishedname, middlename
- Attribute Examples (List of Attributes): accountexpires, department, distinguishedname, directreports, dnshostname, operatingsystem, repsfrom, repsto, middlename
Active Directory Schema Is:
- Dynamically Available
- Dynamically Updateable
- Protected by DACLs

DNS and Active Directory Namespaces
[Diagram: the DNS Namespace (Internet, "." DNS root domain, com., microsoft, sales, training) beside the Active Directory Namespace (microsoft.com, training.microsoft.com, sales.microsoft.com, computer1). Legend: DNS node (domain or computer); Active Directory domain.]

Lightweight Directory Access Protocol (LDAP)
- LDAP Provides a Way to Communicate with Active Directory by Specifying Unique Naming Paths for Each Object in the Directory
- LDAP Naming Paths Include:
  - Distinguished names: CN=Suzan Fine,OU=Sales,DC=contoso,DC=msft
  - Relative distinguished names: Suzan Fine
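The naming paths on this slide can be taken apart programmatically. The following is an added example, not part of the course material: it splits a distinguished name into its relative distinguished names and derives the matching DNS domain from the DC components, and it treats an escaped comma as part of a value, which a plain split on "," gets wrong. The second DN and all function names are constructed for illustration; multi-valued RDNs ("+") are not handled.

```python
import re

def split_dn(dn):
    """Split a DN into RDN strings, leaf first, ignoring escaped commas."""
    rdns, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])      # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            rdns.append("".join(current).lstrip())
            current = []
            i += 1
        else:
            current.append(dn[i])
            i += 1
    rdns.append("".join(current).lstrip())
    return rdns

def parse_rdn(rdn):
    """Return (attribute type, unescaped value) for a single-valued RDN."""
    attr, sep, value = rdn.partition("=")
    if not sep or not attr or not value:
        raise ValueError(f"malformed RDN: {rdn!r}")
    def unescape(match):
        token = match.group(1)               # "2C" style hex pair or one char
        return chr(int(token, 16)) if len(token) == 2 else token
    # Only single-byte hex escapes are decoded here.
    return attr.strip().upper(), re.sub(r"\\([0-9A-Fa-f]{2}|.)", unescape, value)

def dns_domain(dn):
    """Join the DC components of a DN into the matching DNS domain name."""
    return ".".join(v for a, v in map(parse_rdn, split_dn(dn)) if a == "DC")

SLIDE_DN = "CN=Suzan Fine,OU=Sales,DC=contoso,DC=msft"        # from the slide
ESCAPED_DN = r"CN=Fine\, Suzan,OU=Sales,DC=contoso,DC=msft"   # constructed

if __name__ == "__main__":
    for dn in (SLIDE_DN, ESCAPED_DN):
        rdns = split_dn(dn)
        print("RDN:", parse_rdn(rdns[0]), "| parent:", ",".join(rdns[1:]),
              "| DNS domain:", dns_domain(dn))
```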

Active Directory Logical Structure
- Domains
- Organizational Units
- Trees and Forests
- Global Catalog

Domains
- A Domain Is a Security Boundary
  - A domain administrator can administer only within the domain, unless explicitly granted administration rights in other domains
- A Domain Is a Unit of Replication
  - Domain controllers in a domain participate in replication and contain a complete copy of the directory information for their domain
[Diagram labels: Replication, Windows 2000 Domain]

Organizational Units
- Use OUs to Group Objects into a Logical Hierarchy That Best Suits the Needs of Your Organization
- Delegate Administrative Control over the Objects Within an OU by Assigning Specific Permissions to Users and Groups
[Diagram: Network Administrative Model (Sales, Users, Computers) and Organizational Structure (Vancouver, Sales, Repair)]

Trees and Forests
[Diagram: a Forest with two Trees joined by a Two-Way Transitive Trust. Tree contoso.msft with asia.contoso.msft and au.contoso.msft; Tree nwtraders.msft with asia.nwtraders.msft and au.nwtraders.msft. Two-Way Transitive Trusts link the domains within each tree.]

Global Catalog
- Subset of the Attributes of All Objects
- Queries
- Group membership when user logs on
[Diagram labels: Global Catalog, Global Catalog Server]

Introduction to the Role of DNS in Active Directory
- Name Resolution
  - DNS translates computer names to IP addresses
  - Computers use DNS to locate each other on the network
- Naming Convention for Windows 2000 Domains
  - Windows 2000 uses DNS naming standards for domain names
  - DNS domains and Active Directory domains share a common hierarchical naming structure
- Locating the Physical Components of Active Directory
  - DNS identifies domain controllers by the services they provide
  - Computers use DNS to locate domain controllers and global catalog servers

DNS Host Names and Windows 2000 Computer Names
- DNS host record and Active Directory object represent the same physical computer
- DNS allows computers to locate domain controllers within Active Directory
[Diagram: the DNS tree ".", com., microsoft, sales, training, computer1 beside the Active Directory domain training.microsoft.com with the containers Builtin and Computers (Computer1, Computer2)]
FQDN = computer1.training.microsoft.com
Windows 2000 Computer Name = Computer1

DNS Requirements for Active Directory
DNS Requirements to Support Active Directory:
- Support for SRV records (mandatory)
- Support for the dynamic update protocol (recommended)
- Support for incremental zone transfers (recommended)

What Is a Tree?
[Diagram: Tree Root contoso.msft (Parent) with sales.contoso.msft (Child) in a Contiguous Namespace. Labels: Tree Root, Parent, Child, Contiguous Namespace, New.]

What Is the Forest Root?
- The Forest Root Is the First Domain Created in a Forest
[Diagram: a Forest with the trees contoso.msft (sales.contoso.msft) and nwtraders.msft (marketing.nwtraders.msft). Labels: Tree Root, Forest Root, Global Catalog, Configuration and Schema, Enterprise Admins, Schema Admins.]

Characteristics of Multiple Domains
- Reduce Replication Traffic
- Maintain Separate and Distinct Security Policies Between Domains
- Preserve the Structure of Earlier Versions of Windows NT
- Separate Administrative Control

Active Directory Physical Structure
- Domain Controllers
- Sites

Domain Controllers
Domain Controllers:
- Participate in Active Directory replication
- Perform single master operations roles in a domain
[Diagram: Replication between domain controllers. Domain Controller = A Writeable Copy of the Active Directory Database]

Sites
[Diagram: Seattle, Chicago, New York, Los Angeles; a Site made up of IP subnets]
Sites:
- Optimize replication traffic
- Enable users to log on to a domain controller by using a reliable, high-speed connection

Introduction to Active Directory Replication
- Multimaster Replication with a Loose Convergence
[Diagram: Replication among Domain Controllers A, B and C]

Replication Components and Processes
- How Replication Works
- Replication Latency
- Resolving Replication Conflicts
- Optimizing Replication

How Replication Works
Active Directory Update:
- Add
- Move
- Modify
- Delete
[Diagram: Replication among Domain Controllers A, B and C; labels: Originating Update, Replicated Update, Replicated Update]

Replication Latency
- Default Replication Latency (Change Notification) = 5 minutes
- When No Changes, Scheduled Replication = One Hour
- Urgent Replication = Immediate Change Notification
[Diagram: Domain Controllers A, B and C; labels: Originating Update, Change Notification, Replication, Replicated Update]

Resolving Replication Conflicts
[Diagram: Domain Controller A and Domain Controller B each stamp an Originating Update; the two updates are in Conflict]
Stamp:
- Version Number
- Timestamp
- Server GUID
Conflicts Can Be Due to:
- Attribute Value
- Adding/Moving Under a Deleted Container Object or the Deletion of a Container Object
- Sibling Name
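For an attribute-value conflict, the stamp fields listed on this slide are compared in order (version number, then timestamp, then server GUID) and the higher stamp wins. The following is an added example, not part of the course material, showing that replicas applying the same updates in different arrival orders reach the same values; the class names, sample values and the integer ordering of GUIDs are assumptions made for illustration.

```python
from dataclasses import dataclass
from uuid import UUID

@dataclass(frozen=True)
class Stamp:
    version: int       # bumped by each originating write to the attribute
    timestamp: int     # time of the originating write (constructed units)
    server_guid: UUID  # domain controller that made the originating write

    def key(self):
        # Assumption: GUIDs are ordered by integer value for the tie-break.
        return (self.version, self.timestamp, self.server_guid.int)

@dataclass(frozen=True)
class Update:
    attribute: str
    value: str
    stamp: Stamp

def resolve(local, incoming):
    """Attribute-value conflict: the update with the higher stamp survives."""
    return incoming if incoming.stamp.key() > local.stamp.key() else local

def converge(updates):
    """Apply updates in the given arrival order; return {attribute: value}."""
    replica = {}
    for upd in updates:
        held = replica.get(upd.attribute)
        replica[upd.attribute] = upd if held is None else resolve(held, upd)
    return {attr: upd.value for attr, upd in replica.items()}

# Constructed sample data: two domain controllers write the same attributes.
DC_A = UUID("11111111-1111-1111-1111-111111111111")
DC_B = UUID("22222222-2222-2222-2222-222222222222")
UPDATES = [
    Update("department", "Sales", Stamp(2, 1000, DC_A)),
    Update("department", "Repair", Stamp(3, 900, DC_B)),   # higher version wins
    Update("accountexpires", "never", Stamp(4, 100, DC_B)),
    Update("accountexpires", "2001-01-01", Stamp(4, 200, DC_A)),  # later time
    Update("middlename", "A", Stamp(1, 500, DC_A)),
    Update("middlename", "B", Stamp(1, 500, DC_B)),        # higher GUID wins
]

if __name__ == "__main__":
    print(converge(UPDATES))
    print(converge(list(reversed(UPDATES))))  # same result in any arrival order
```

Because the version number is compared first, a write with a newer timestamp but a lower version does not win, so the timestamp only acts as a tie-break.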

Optimizing Replication
[Diagram: Domain Controllers A, B and C; labels: Originating Update, Replicated Update, GUID, USN, Up-To-Dateness Vector]

Replication Topology
- Directory Partitions
- What Is Replication Topology?
- Global Catalog and Replication of Partitions

Directory Partitions
[Diagram: the Active Directory Database in a Forest, divided into directory partitions]
- Schema: Contains definitions and rules for creating and manipulating all objects and attributes
- Configuration: Contains information about Active Directory structure
- contoso.msft (domain): Holds information about all domain-specific objects created in Active Directory

What Is Replication Topology?
[Diagram: domain controllers A1, A2, A3, A4 and B1, B2, B3. Labels: Domain Controllers from the Same Domain, Domain Controllers from Different Domains, Domain A Topology, Domain B Topology, Schema/Configuration Topology.]

Using Active Directory for Centralized Management
Active Directory:
- Enables a single administrator to centrally manage resources
- Allows administrators to easily locate information
- Allows administrators to group objects into OUs
- Uses Group Policy to specify policy-based settings
[Diagram: Search; OU1 and OU2 containing Computers, Users and Printers (Computer1, User1, User2, Printer1)]

Managing the User Environment
[Diagram: OU1, OU2 and OU3, numbered 1 to 3. Labels: Apply Group Policy Once; Windows 2000 Enforces Continually.]
Use Group Policy to:
- Control and lock down what users can do
- Centrally manage software installation, repairs, updates, and removal
- Configure user data to follow users whether they are online or offline

Delegating Administrative Control
[Diagram: OU1 with Admin1, OU2 with Admin2, OU3 with Admin3]
Assign Permissions:
- For specific OUs to other administrators
- To modify specific attributes of an object in a single OU
- To perform the same task in all OUs
Customize Administrative Tools to:
- Map to delegated administrative tasks
- Simplify interface design

Review
- Introduction to Active Directory
- Active Directory Logical Structure
- Role of DNS in Active Directory
- Active Directory Physical Structure
- Methods for Administering a Windows 2000 Network