Active Directory is a centralized and standardized system that automates network management of user data, security and distributed resources and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments.
Divisions in AD:
Forest: The collection of every object, its attributes and attribute syntax in the Active Directory. A forest can contain numerous domains, each sharing a common schema.
Domain: A collection of computers that share a common set of policies, a name and a database of their members.
Organizational units: Containers in which domains can be grouped. They create a hierarchy for the domain and create the structure of the Active Directory's company in geographical or organizational terms.
Sites: Physical groupings independent of the domain and OU structure. Sites distinguish between locations connected by low- and high-speed connections and are defined by one or more IP subnets.
To transfer the FSMO role the administrator must be a member of the following group:
FSMO Role - Administrator must be a member of
Schema - Schema Admins
Domain Naming - Enterprise Admins
RID, PDC Emulator, Infrastructure - Domain Admins
Group Policy
Group Policies are used in Microsoft Active Directory to define settings for users and computers throughout a network. These settings are configured and stored in what are called Group Policy Objects (GPOs), which are then associated with Active Directory objects, including domains and sites. A Group Policy Object (GPO) is a collection of settings that define what a system will look like and how it will behave for a defined group of users. Microsoft provides a program snap-in that allows you to use the Group Policy Microsoft Management Console (MMC). The MMC allows you to create a GPO that defines registry-based policies, security options, software installation and maintenance options, script options, and folder redirection options.
DHCP:
DHCP stands for "Dynamic Host Configuration Protocol". DHCP's purpose is to enable individual computers on an IP network to extract their configurations from a server (the 'DHCP server') or servers, in particular, servers that have no exact information about the individual computers until they request the information. The overall purpose of this is to reduce the work necessary to administer a large IP network. The most significant piece of information distributed in this manner is the IP address.
DHCP Scopes
Scope - A range of IP addresses that the DHCP server can assign to clients that are on one subnet.
Superscope - A range of IP addresses that span several subnets. The DHCP server can assign these addresses to clients that are on several subnets.
Multicast scope - A range of class D addresses from 224.0.0.0 to 239.255.255.255 that can be assigned to computers when they ask for them. A multicast group is assigned to one IP address. Multicasting can be used to send messages to a group of computers at the same time with only one copy of the message. The Multicast Address Dynamic Client Allocation Protocol (MADCAP) is used to request a multicast address from a DHCP server.
DNS:
Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet, however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address.
Name Type: Root domain
Description: This is the top of the tree, representing an unnamed level; it is sometimes shown as two empty quotation marks (""), indicating a null value. When used in a DNS domain name, it is stated by a trailing period (.) to designate that the name is located at the root or highest level of the domain hierarchy. In this instance, the DNS domain name is considered to be complete and points to an exact location in the tree of names. Names stated this way are FQDNs.
Example: A single period (.) or a period used at the end of a name, such as example.microsoft.com.

Name Type: Top-level domain
Example: .com, which indicates a name registered to a business for commercial use on the Internet.

Name Type: Second-level domain
Description: Variable-length names registered to an individual or organization for use on the Internet. These names are always based on an appropriate top-level domain, depending on the type of organization or geographic location where a name is used.
Example: microsoft.com., which is the second-level domain name registered to Microsoft by the Internet DNS domain name registrar.

Name Type: Subdomain
Description: Additional names that an organization can create that are derived from the registered second-level domain name. These include names added to grow the DNS tree of names in an organization and divide it into departments or geographic locations.

Description: Names that represent a leaf in the DNS tree of names and identify a specific resource. Typically, the leftmost label of a DNS domain name identifies a specific computer on the network. For example, if a name at this level is used in a host (A) resource record, it is used to look up the IP address of a computer based on its host name.
Example: host-a.example.microsoft.com., where the first label (host-a) is the DNS host name for a specific computer on the network.
edu - Educational institutions
org - Non-profit organizations
net
gov
mil
arpa - Reverse DNS
xx
Name - Description
Host (A) - For mapping a DNS domain name to an IP address used by a computer.
Alias (CNAME) - For mapping an alias DNS domain name to another primary or canonical name.
Mail Exchanger (MX) - For mapping a DNS domain name to the name of a computer that exchanges or forwards mail.
Pointer (PTR) - For mapping a reverse DNS domain name based on the IP address of a computer that points to the forward DNS domain name of that computer.
Service location (SRV) - For mapping a DNS domain name to a specified list of DNS host computers that offer a specific type of service, such as Active Directory domain controllers.
Other resource records as needed.
Port Number - Description
1 - TCP Port Service Multiplexer (TCPMUX)
5 - Remote Job Entry (RJE)
7 - ECHO
18 - Message Send Protocol (MSP)
20 - FTP -- Data
21 - FTP -- Control
22 - SSH Remote Login Protocol
23 - Telnet
25 - Simple Mail Transfer Protocol (SMTP)
29 - MSG ICP
37 - Time
42 - Host Name Server (Nameserv)
43 - WhoIs
49 - Login Host Protocol (Login)
53 - Domain Name System (DNS)
69 - Trivial File Transfer Protocol (TFTP)
70 - Gopher Services
79 - Finger
80 - HTTP
103 - X.400 Standard
108 - SNA Gateway Access Server
109 - POP2
110 - POP3
115 - Simple File Transfer Protocol (SFTP)
118 - SQL Services
119 - Newsgroup (NNTP)
137 - NetBIOS Name Service
139 - NetBIOS Datagram Service
143 - Interim Mail Access Protocol (IMAP)
150 - NetBIOS Session Service
156 - SQL Server
161 - SNMP
179 - Border Gateway Protocol (BGP)
190 - Gateway Access Control Protocol (GACP)
194 - Internet Relay Chat (IRC)
197 - Directory Location Service (DLS)
389 - Lightweight Directory Access Protocol (LDAP)
396 - Novell Netware over IP
443 - HTTPS
444 - Simple Network Paging Protocol (SNPP)
445 - Microsoft-DS
458 - Apple QuickTime
546 - DHCP Client
547 - DHCP Server
563 - SNEWS
569 - MSN
1080 - Socks
Full backup
Description: A complete set of all files you wish to back up. Think of this as your 'reference set'. You only need to perform a full backup occasionally.
Pros: Provides a complete copy of all your data; makes it easy to locate files which need restoring.

Incremental backup
Description: A backup of those files which have changed since the last backup of any type.
Pros: Uses the least time and space as only those files changed since the last backup are copied; lets you back up multiple versions of the same file.

Differential backup
Description: A backup of those files which have changed since the last full backup. Should be performed at regular intervals.
Pros: Takes up less time and space than a full backup; provides for more efficient restoration than incremental backups.
OSI Model
Layer - Data unit - Function
Host layers:
7. Application - Data - Network process to application
6. Presentation - Data - Data representation and encryption
5. Session - Data - Interhost communication
4. Transport - Segment/Datagram - End-to-end connections and reliability
Media layers:
3. Network - Packet - Path determination and logical addressing
2. Data Link - Frame - Physical addressing (MAC & LLC)
1. Physical - Bit - Media, signal and binary transmission, bits on a wire (0s and 1s)
Groups are useful for setting common privileges or a type of access for a group of users.
Security groups: Used for setting permissions on objects (printers, data). They can also be used as distribution groups, for maintaining a distribution list.
Distribution groups: Do not provide security; used for e-mail.
SOA: A Start of Authority record is the first record in DNS and controls the startup behavior of DNS. We can configure TTL, refresh, and retry intervals in this record.
What is Clustering? Briefly define & explain it
Clustering is a technology used to provide high availability for mission-critical applications. We can configure a cluster by installing the MCS (Microsoft cluster service) component from Add/Remove Programs, which is only available in Enterprise Edition and Datacenter Edition. In Windows we can configure two types of clusters:
NLB (network load balancing) cluster: Balances load between servers. This cluster will not provide any high availability. Usually preferable at edge servers like web or proxy.
Server cluster: Provides high availability by configuring an active-active or active-passive cluster. In a 2-node active-passive cluster, one node is active and one node is on standby. When the active server fails, the application will FAILOVER to the standby server automatically. When the original server comes back, we need to FAILBACK the application.
Quorum: Shared storage that must be provided for all servers. It keeps information about the clustered application and session state and is useful in a FAILOVER situation. This is very important: if the quorum disk fails, the entire cluster will fail.
Heartbeat: A private connection between the servers in the cluster, used to identify the status of the other servers in the cluster.