
Overview of AD, DHCP, DNS, TCP/IP and Remote Access

Submitted By: Chandrashekar

Overview of Active Directory

Active Directory

Active Directory is the name given to the directory service employed in Windows Server 2003. It has a dual role: to act as a data repository and to provide data to applications and features outside of AD.

Active Directory Structure (diagram): the directory is hierarchical, and its base object is the domain; the diagram shows two domains.


Logical Components
- Objects
- Domains
- Forests
- Trees
- Organizational Units (OU)


The basic unit of Active Directory is the object. Active Directory stores its information in objects. Objects include users, computers, shared folders, groups and printers.

Domains and Organizational Units

Domain
- Has a unique name
- Is organized in hierarchical levels
- Has its portion of Active Directory replicated across its domain controllers

Organizational unit (OU)
- A logical container used to organize domain objects
- Makes it easy to locate and manage objects
- Allows you to apply Group Policy settings
- Allows delegation of administrative control
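Delegation of administrative control is granted on an OU subtree, so any tool or audit script has to decide reliably whether an object sits inside the delegated OU. The example below is added here and is not part of the original slides: it parses LDAP distinguished names the way AD writes them (with RFC 4514 backslash escapes) and checks subtree membership RDN by RDN rather than by raw string suffix. The domain corp.example.com and all DNs are constructed samples.

```python
"""Added example, not part of the original slides: an OU delegation scope
check.  Delegated admins are granted rights on an OU subtree, so a tool
(or an auditor) must decide whether an object's DN sits inside that
subtree.  The DNs are constructed samples in a hypothetical
corp.example.com domain."""


def split_dn(dn: str) -> list:
    """Split a DN into its RDNs, most specific first.

    A backslash escapes the next character (RFC 4514), so a comma inside
    a value such as CN=Smith\\, John does not start a new RDN.
    """
    parts, current, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])       # keep the escape pair intact
            i += 2
            continue
        if ch == ",":
            parts.append("".join(current).strip())
            current = []
        else:
            current.append(ch)
        i += 1
    parts.append("".join(current).strip())
    return [p for p in parts if p]


def normalize(rdn: str) -> str:
    """AD compares attribute types and names case-insensitively."""
    attr, _, value = rdn.partition("=")
    return f"{attr.strip().lower()}={value.strip().lower()}"


def in_subtree(object_dn: str, container_dn: str) -> bool:
    """True when object_dn is container_dn itself or lies anywhere below it.

    The comparison runs RDN by RDN from the root end of the DN, never by
    raw string suffix, so escaping, spacing and case differences cannot
    produce a false match or a false miss.
    """
    obj = [normalize(r) for r in split_dn(object_dn)]
    cont = [normalize(r) for r in split_dn(container_dn)]
    return len(obj) >= len(cont) and obj[len(obj) - len(cont):] == cont


def ou_path(object_dn: str) -> list:
    """OU hierarchy from the domain root downward, e.g. ['Sales', 'EMEA']."""
    ous = [r.partition("=")[2] for r in split_dn(object_dn)
           if r.lower().startswith("ou=")]
    return list(reversed(ous))


if __name__ == "__main__":
    scope = "OU=Sales,DC=corp,DC=example,DC=com"          # delegated OU
    user = "CN=Smith\\, John,OU=EMEA,OU=Sales,DC=corp,DC=example,DC=com"
    print(ou_path(user), in_subtree(user, scope))
```

The escaped comma in the sample CN is the case a naive `dn.split(",")` gets wrong; the RDN-wise comparison also avoids the mismatch that `endswith` produces when the two DNs differ only in case or in spacing after the commas.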

An Active Directory Domain and OU Structure

Trees and Forests

- Sometimes it is necessary to create multiple domains within an organization
- The first Active Directory domain created is the forest root domain
- A tree is a hierarchical collection of domains that share a contiguous DNS naming structure (each child domain's name is a subdomain of its parent's name)
- A forest is a collection of one or more trees; the trees in a forest need not share a contiguous DNS naming structure, but all domains in the forest share one schema, configuration and global catalog
- Transitive trust relationships exist automatically among all domains in a forest, and can optionally be created between forests (forest trusts)
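The distinction between a tree and a forest comes down to one rule: a domain joins the tree of its nearest DNS ancestor that is also a domain of the forest, and a domain with no such ancestor starts a new tree. The example below, added here and not part of the original slides, applies that rule to a list of domain DNS names and groups them into trees. The domain names are constructed samples.

```python
"""Added example, not part of the original slides: group the domains of a
forest into trees by DNS namespace contiguity.  A domain belongs to the
tree of its nearest DNS ancestor that is also a domain of the forest; a
domain with no such ancestor starts a new tree.  Domain names are
constructed samples."""


def parent_of(name: str) -> str:
    """Drop the leftmost label: sales.corp.example.com -> corp.example.com."""
    return name.partition(".")[2]


def find_trees(domains) -> dict:
    """Map each tree-root domain to the sorted list of domains in its tree.

    Only parent-child chains count as contiguous: corp.example.com and
    eu.example.com share a suffix but are separate trees unless
    example.com itself is a domain of the forest.  Which tree root is the
    forest root (the first domain created) is not visible in DNS, so it is
    not reported here.
    """
    present = {d.lower().rstrip(".") for d in domains}

    def root_of(d: str) -> str:
        p = parent_of(d)
        while p:
            if p in present:
                return root_of(p)     # climb to the ancestor's own root
            p = parent_of(p)
        return d                      # no ancestor in the forest: tree root

    trees: dict = {}
    for d in sorted(present):
        trees.setdefault(root_of(d), []).append(d)
    return trees


def tree_count(domains) -> int:
    """Number of trees the given domains form."""
    return len(find_trees(domains))


if __name__ == "__main__":
    forest = ["corp.example.com", "sales.corp.example.com",
              "emea.sales.corp.example.com", "example.net", "lab.example.net"]
    for root, members in find_trees(forest).items():
        print(root, "->", members)
```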

An Active Directory Forest


Physical Components

Domain Controllers
- Server capable of authentication
- Maintains a copy of the Active Directory

Sites
- A well connected TCP/IP subnet (or set of subnets)


Domain Controllers (DC)
- Have the Active Directory service installed
- Servers that provide authentication of domain members
- Data stores for the directory

NT Primary Domain Controllers (PDC)
- In mixed mode, a Windows 2003 DC holds the PDC emulator role so that NT backup domain controllers and down-level clients still see a PDC

Sites
- A collection of computers connected via a high-speed network (LAN), defined in Active Directory by IP subnets
- Sites relate to the physical layout of the network, not to the logical domain structure
- A site can contain multiple domains, and a domain can span several sites
- Sites connect to each other via slow-speed links (WAN)
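A site is only as good as the subnet objects that define it: a client is placed in the site whose subnet contains its IP address, and a client on an address that matches no subnet is sent to whichever DC answers, often across the slow WAN link. The example below is added here and is not part of the original slides; it performs that longest-prefix subnet-to-site lookup and lists the addresses that match nothing. The subnet table and client addresses are constructed samples.

```python
"""Added example, not part of the original slides: the subnet-to-site lookup
Active Directory uses to send a client to a domain controller in its own
site, plus a check for client addresses that no subnet object covers.
The subnet/site table is a constructed sample."""
import ipaddress

# Constructed sample of the Subnets container: prefix -> site name.
SITE_SUBNETS = {
    "10.1.0.0/16": "London",
    "10.1.200.0/24": "London-Lab",      # more specific than 10.1.0.0/16
    "10.2.0.0/16": "Frankfurt",
    "192.168.50.0/24": "Branch-WAN",
}


def build_site_table(mapping: dict) -> list:
    """Validate the prefixes and order them longest-prefix first so that
    the most specific subnet wins, exactly as the DC locator resolves it."""
    nets = [(ipaddress.ip_network(prefix, strict=True), site)
            for prefix, site in mapping.items()]
    return sorted(nets, key=lambda entry: entry[0].prefixlen, reverse=True)


def site_for(ip: str, table=None):
    """Return the site owning ip, or None if no subnet object matches."""
    table = table if table is not None else build_site_table(SITE_SUBNETS)
    addr = ipaddress.ip_address(ip)
    for net, site in table:
        if addr in net:
            return site
    return None


def unmapped(client_ips, table=None) -> list:
    """Client addresses with no subnet object: the ones to fix first,
    because those clients authenticate against arbitrary remote DCs."""
    return [ip for ip in client_ips if site_for(ip, table) is None]


if __name__ == "__main__":
    clients = ["10.1.3.4", "10.1.200.7", "10.2.9.9", "172.16.0.1"]
    for c in clients:
        print(c, "->", site_for(c))
    print("unmapped:", unmapped(clients))
```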


Types Of Trusts Available

- Parent and Child Trust Relationship
- Tree-root Trust Relationship
- External Trust Relationship
- Shortcut Trust Relationship
- Realm Trust Relationship
- Forest Trust Relationship

Parent-child, tree-root, shortcut and forest trusts are transitive; external trusts are not, and a realm trust (to a non-Windows Kerberos realm) can be created as either.

Functional Levels

Domain Functional Levels (level: domain controllers supported)
- Windows 2000 mixed (Mixed Mode): NT, 2000 and 2003 DCs
- Windows 2000 native (Native Mode): 2000 and 2003 DCs
- Windows Server 2003 interim: NT and 2003 DCs, used only when upgrading from NT
- Windows Server 2003: 2003 DCs only

Forest Functional Levels (level: domain controllers supported)
- Windows 2000: NT, 2000 and 2003 DCs
- Windows Server 2003 interim: NT and 2003 DCs, used only when upgrading from NT
- Windows Server 2003: 2003 DCs only


Active Directory Terminology

Domain: a collection of computers, user accounts and other objects that share a common security policy and directory database. A domain is a hierarchical structure of containers and objects, has a unique DNS name, and is commonly described as a security boundary. In practice the forest is the real security boundary: an administrator of any domain in a forest can gain control of every other domain in that forest, so a domain only separates administration between parties who already trust each other.


Overview of DHCP

Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol (DHCP) is a protocol for assigning dynamic IP addresses to hosts on a network. DHCP is built on a client-server model, where a designated DHCP server allocates network addresses and delivers configuration parameters to dynamically configured clients.

DHCP consists of two components:
- DHCP server: a host providing configuration parameters through DHCP
- DHCP client: a host requesting configuration parameters from a DHCP server
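The client-server exchange behind an address assignment is four messages: the client broadcasts DISCOVER, a server answers with OFFER (the proposed address in yiaddr plus parameters as options), the client broadcasts REQUEST naming the server it accepts, and that server confirms with ACK. The example below is added here and is not part of the original slides; it builds and parses all four messages in RFC 2131 wire format so both sides' messages can be inspected, and adds the server-identifier check that matters because a client accepts the first OFFER it hears. The addresses, MAC address, transaction id and lease time are constructed samples.

```python
"""Added example, not part of the original slides: the four-message DHCP
exchange (DISCOVER, OFFER, REQUEST, ACK) built and parsed in RFC 2131 wire
format, with both the client's and the server's messages.  Addresses, MAC
and transaction id are constructed samples."""
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5          # option 53 message types
OPT_MASK, OPT_ROUTER, OPT_REQ_IP, OPT_LEASE, OPT_TYPE, OPT_SERVER = 1, 3, 50, 51, 53, 54
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"                # 236-byte fixed BOOTP header


def packed(ip: str) -> bytes:
    return ipaddress.ip_address(ip).packed


def build(op, xid, mac, options, yiaddr="0.0.0.0", siaddr="0.0.0.0") -> bytes:
    """Serialize: fixed header, magic cookie, TLV options, END (255)."""
    hdr = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0,
                      packed("0.0.0.0"), packed(yiaddr), packed(siaddr), packed("0.0.0.0"),
                      mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC_COOKIE + body + b"\xff"


def parse(msg: bytes):
    """Return (op, xid, yiaddr, {option_code: raw value}); reject non-DHCP."""
    fields = struct.unpack(HEADER, msg[:236])
    op, xid, yiaddr = fields[0], fields[4], fields[8]
    if msg[236:240] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != 255:
        if msg[i] == 0:                              # PAD has no length byte
            i += 1
            continue
        code, length = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + length]
        i += 2 + length
    return op, xid, str(ipaddress.ip_address(yiaddr)), opts


def dora(server_ip="192.168.1.1", offered="192.168.1.50",
         mac=bytes.fromhex("0011223344aa"), xid=0x1234ABCD, lease=86400) -> dict:
    """Run the exchange in memory and return what the client ends up with."""
    sid = packed(server_ip)
    lease_opt = struct.pack("!I", lease)
    # Client -> broadcast: who can give me an address?
    discover = build(BOOTREQUEST, xid, mac, [(OPT_TYPE, bytes([DISCOVER]))])
    _, x, _, _ = parse(discover)
    # Server -> client: here is an address; option 54 says which server offers it
    offer = build(BOOTREPLY, x, mac,
                  [(OPT_TYPE, bytes([OFFER])), (OPT_SERVER, sid), (OPT_LEASE, lease_opt),
                   (OPT_MASK, packed("255.255.255.0")), (OPT_ROUTER, sid)],
                  yiaddr=offered, siaddr=server_ip)
    _, x, offered_ip, o = parse(offer)
    # Client -> broadcast: I accept that address from that server (others withdraw)
    request = build(BOOTREQUEST, x, mac,
                    [(OPT_TYPE, bytes([REQUEST])), (OPT_REQ_IP, packed(offered_ip)),
                     (OPT_SERVER, o[OPT_SERVER])])
    _, x, _, o = parse(request)
    # Server -> client: lease confirmed
    ack = build(BOOTREPLY, x, mac,
                [(OPT_TYPE, bytes([ACK])), (OPT_SERVER, sid), (OPT_LEASE, lease_opt)],
                yiaddr=str(ipaddress.ip_address(o[OPT_REQ_IP])))
    _, x, leased, o = parse(ack)
    return {"xid": x, "leased_ip": leased,
            "server": str(ipaddress.ip_address(o[OPT_SERVER])),
            "lease_seconds": struct.unpack("!I", o[OPT_LEASE])[0]}


def from_trusted_server(msg: bytes, trusted: set) -> bool:
    """A client takes the first OFFER it hears, so a rogue server on the
    segment can win the race.  This is the check DHCP snooping performs at
    the switch: does option 54 name one of the known servers?"""
    _, _, _, o = parse(msg)
    return OPT_SERVER in o and str(ipaddress.ip_address(o[OPT_SERVER])) in trusted


if __name__ == "__main__":
    print(dora())
```

Nothing in the protocol authenticates the server: the transaction id only pairs replies with requests, so the allow-list in `from_trusted_server` (or DHCP snooping on the switch) is the control that stops a rogue server from handing out a hostile default gateway or DNS server.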

Overview of Domain Name System

Domains: a domain is a subtree of the domain name space. The name of the domain is the domain name of the node at the top of the subtree.


Domain Name

Domain name: each node in the tree has a domain name.
Fully Qualified Domain Name (FQDN): a name terminated by the empty root label (written as a trailing dot). It contains all labels, from the most specific to the most general, and uniquely identifies the host.
Partially Qualified Domain Name (PQDN): a name that starts from a node but does not reach the root. It is used when the name to be resolved belongs to the same site as the client; the resolver supplies the missing part, called the suffix, to create an FQDN.


The Domain Name Space

Domain name space: the names are defined in an inverted-tree structure with the root at the top. The tree can have at most 128 levels (the root at level 0 through level 127).
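The FQDN/PQDN distinction and the 128-level limit both follow from the wire format: a name is a sequence of labels ending in the empty root label, each label is at most 63 bytes, and the whole name is at most 255 bytes, which allows at most 127 one-byte labels under the root. The example below is added here and is not part of the original slides; it splits names into labels, tells an FQDN from a PQDN, qualifies a PQDN with a resolver suffix list and enforces those limits. The names and suffixes are constructed samples.

```python
"""Added example, not part of the original slides: split names into labels,
tell an FQDN from a PQDN, qualify a PQDN with the resolver's suffix list
and enforce the RFC 1035 size limits (63 bytes per label, 255 bytes for
the whole name, which is why the tree cannot go deeper than 127 labels
under the root: 128 levels).  Names and suffixes are constructed samples."""

MAX_LABEL = 63
MAX_NAME = 255      # wire length: each label's length byte + bytes, plus the root's 0


def is_fqdn(name: str) -> bool:
    """An FQDN ends in the empty root label, written as a trailing dot."""
    return name.endswith(".")


def labels(name: str) -> list:
    """Labels from most specific to most general; the root is not a label."""
    return [label for label in name.rstrip(".").split(".") if label]


def depth(name: str) -> int:
    """Level of the node in the inverted tree; the root is level 0."""
    return len(labels(name))


def validate(name: str) -> None:
    """Raise ValueError if any label or the whole name exceeds the limits."""
    ls = labels(name)
    for label in ls:
        if len(label.encode()) > MAX_LABEL:
            raise ValueError(f"label {label!r} longer than {MAX_LABEL} bytes")
    wire = sum(len(label.encode()) + 1 for label in ls) + 1   # +1: root's zero byte
    if wire > MAX_NAME:
        raise ValueError(f"name is {wire} bytes on the wire, limit {MAX_NAME}")


def is_valid(name: str) -> bool:
    try:
        validate(name)
        return True
    except ValueError:
        return False


def qualify(name: str, search_suffixes) -> list:
    """Names the resolver will look up, in order.

    An FQDN is tried exactly as given.  A PQDN is tried with each suffix
    from the search list appended (the resolver supplies the missing
    part), and finally bare.  Every candidate is size-checked.
    """
    if is_fqdn(name):
        validate(name)
        return [name]
    candidates = [f"{name}.{s.strip('.')}." for s in search_suffixes] + [name + "."]
    for candidate in candidates:
        validate(candidate)
    return candidates


if __name__ == "__main__":
    print(qualify("intranet", ["corp.example.com", "example.com"]))
    print(depth("www.example.com"), is_valid("a" * 64 + ".example.com"))
```

The order `qualify` returns is the security-relevant part: a PQDN such as `intranet` is tried under every suffix in the list, so whoever controls a suffix (or the DHCP-supplied search list) can answer for names the client believed were internal.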


Overview of TCP / IP

The TCP / IP Protocol Suite

Consists of four layers:
- Network access layer (Physical Layer): provides physical delivery of IP packets via frames or cells
- Internet layer (Network Layer): contains the information so that data can be routed through an IP network
- Host-to-host layer (Transport Layer): services the process layer and the Internet layer to handle reliability and session aspects of the transmissions
- Process layer (Application Layer): application support



Network Access Layer

TCP/IP relies on a physical network to deliver its packets (which can be a LAN, a MAN, or a WAN).
Characteristics:
- Processes data coming down the TCP/IP stack to build and send frames or cells out to the network
- Sends frames or cells over the physical network, one bit at a time
- Processes data going up the TCP/IP stack on the receiver side
Examples: Ethernet, ATM, and Frame Relay

Internet Layer
The Internet layer handles several jobs:
- Network addressing (ARP, RARP): ARP finds the MAC address when the IP address is known; RARP is used to find the IP address when the MAC address is known
- Routing information (OSPF, EGP)
- Data fragmentation: if a large datagram is transferred from network to network, a router may divide the datagram into fragments. Every fragment carries the identification number of the original datagram, its offset within that datagram and a more-fragments flag
- Reassembly: the destination host puts the fragments back together once all of them have arrived
- Handling errors and requests (ICMP): when a fragment fails to arrive or is corrupted, ICMP generates an error message. ICMP also allows one to check whether a host is reachable (ping)
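Fragmentation and reassembly are easy to get subtly wrong, and overlapping or missing fragments have been a classic source of IDS evasion and kernel crashes. The example below is added here and is not part of the original slides; it fragments a datagram's payload for a given MTU the way the Internet layer does (identification, 8-byte offset units, more-fragments flag) and reassembles it only when the fragments cover the payload with no gap and no overlap. The datagram contents, identification and MTU are constructed values.

```python
"""Added example, not part of the original slides: IP fragmentation and
reassembly as the Internet layer does it.  Every fragment carries the
original datagram's identification, an offset in 8-byte units and the
more-fragments (MF) flag; the receiver rebuilds the datagram only when the
pieces cover it with no gaps and no overlaps.  Values are constructed."""
from dataclasses import dataclass


@dataclass
class Fragment:
    ident: int          # identification copied from the original datagram
    offset: int         # fragment offset in 8-byte units, as in the IP header
    more: bool          # MF flag: another fragment follows
    payload: bytes


def fragment(ident: int, payload: bytes, mtu: int, header_len: int = 20) -> list:
    """Split payload so each fragment plus its IP header fits the MTU.

    All fragments except the last carry a multiple of 8 bytes, because
    the offset field counts 8-byte units.
    """
    chunk = (mtu - header_len) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small for any payload")
    frags = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        frags.append(Fragment(ident, start // 8, start + chunk < len(payload), piece))
    return frags


def reassemble(frags: list) -> bytes:
    """Rebuild the datagram from fragments of one identification.

    Raises ValueError on a gap, an overlap or a missing final fragment;
    silently accepting overlaps is what made the classic fragment attacks
    work against both hosts and intrusion detection systems.
    """
    if not frags:
        raise ValueError("no fragments")
    ident = frags[0].ident
    parts = sorted((f for f in frags if f.ident == ident), key=lambda f: f.offset)
    out, expected = bytearray(), 0
    for f in parts:
        start = f.offset * 8
        if start > expected:
            raise ValueError(f"gap before offset {f.offset}")
        if start < expected:
            raise ValueError(f"overlap at offset {f.offset}")
        out += f.payload
        expected += len(f.payload)
    if parts[-1].more:
        raise ValueError("final fragment missing")
    return bytes(out)


def is_complete(frags: list) -> bool:
    """True if the fragments reassemble cleanly."""
    try:
        reassemble(frags)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    data = bytes(range(256)) * 10                      # 2560-byte constructed payload
    pieces = fragment(0xBEEF, data, mtu=576)
    print([(p.offset, p.more, len(p.payload)) for p in pieces])
    print(reassemble(pieces) == data)
```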

IP Addressing

Dotted decimal notation format:
- 4 decimal numbers separated by decimal points
- Each decimal number is one byte in length
- The decimal numbers are in the range 0-255
Consists of two parts:
- The network portion: Internet administered (cannot be modified)
- The host portion: locally administered (can be modified)
IANA (Internet Assigned Numbers Authority) and regional registries such as ARIN (American Registry for Internet Numbers) manage the assignment of IP addresses

Address assignment characteristics:
- Addresses are assigned to one of three classes: A, B, and C
- Class D is reserved for multicast addresses
- Class E is reserved for experimental use
- The 127.0.0.0/8 block (127.0.0.1 in practice) is used for IP loopback testing
Addresses reserved for private use (RFC 1918):
- Class A: 10.0.0.0 thru 10.255.255.255
- Class B: 172.16.0.0 thru 172.31.255.255
- Class C: 192.168.0.0 thru 192.168.255.255
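The example below is added here and is not part of the original slides. It applies the classful rules just listed to an address: the class from the first byte, the network and host portions at the classful boundary (/8, /16, /24), and whether the address is private (RFC 1918), loopback or multicast. The classful split is shown because the slides use it; production routing uses CIDR prefixes instead, and the ranges below are the standard ones, not taken from the slides.

```python
"""Added example, not part of the original slides: classify an IPv4 address
by class, classful network/host split, and the reserved ranges (RFC 1918
private, loopback, multicast).  Test addresses are constructed samples."""
import ipaddress

PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]   # RFC 1918
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
CLASSFUL_BITS = {"A": 8, "B": 16, "C": 24}        # D and E have no host portion


def ip_class(ip: str) -> str:
    """Class from the leading bits of the first byte."""
    first = ipaddress.ip_address(ip).packed[0]
    if first < 128:
        return "A"          # 0xxxxxxx
    if first < 192:
        return "B"          # 10xxxxxx
    if first < 224:
        return "C"          # 110xxxxx
    if first < 240:
        return "D"          # 1110xxxx multicast
    return "E"              # 1111xxxx experimental


def split_parts(ip: str):
    """(class, network address, host number) at the classful boundary."""
    cls = ip_class(ip)
    bits = CLASSFUL_BITS.get(cls)
    if bits is None:
        return cls, None, None
    net = ipaddress.ip_network(f"{ip}/{bits}", strict=False)
    host = int(ipaddress.ip_address(ip)) & ((1 << (32 - bits)) - 1)
    return cls, str(net.network_address), host


def describe(ip: str) -> dict:
    addr = ipaddress.ip_address(ip)
    cls, net, host = split_parts(ip)
    return {
        "class": cls,
        "network": net,
        "host": host,
        "private": any(addr in n for n in PRIVATE),
        "loopback": addr in LOOPBACK,
        "multicast": cls == "D",
    }


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.20.5.6", "172.32.0.1", "192.168.1.10",
                   "127.0.0.1", "224.0.0.5", "8.8.8.8"):
        print(sample, describe(sample))
```

A private address only means the address is not routed on the Internet; it is not a security control, and 172.32.0.1 in the samples shows the common mistake of treating all of 172.x as private when only 172.16.0.0/12 is.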


Overview of Remote Access

Remote Access

Remote access clients are either connected only to the remote access server's own resources, or they are connected to the RAS server's resources and the network beyond it. A Windows 2000 remote access server provides two remote access connection methods: dial-up remote access and VPN remote access.

Dial-Up Remote Access Connections

The connection consists of a remote access client, a remote access server, and the WAN infrastructure.

Thank You