Admin Training
Agenda
Active Directory
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
Demonstration
Q&A
Active Directory
Introduction
Domain, Trees, Forests (Logical)
Domain Controllers, Sites (Physical)
Replication
Operations Masters
Group Policy
Active Directory
Central component of the Windows 2003 operating system.
It is a directory service that stores information about network objects and makes it available and usable for users, applications and computers.
Integrated Security
By managing logon and authentication
By controlling access on the object
Ease of Management
Can be managed centrally
Distributed management by delegating control
Single sign on
A user can access the permitted network resources once logged on to Active Directory.
L A U R E N Information Technologies Pvt. Ltd.
Boundary of Security
Boundary of Authentication
Boundary of Replication
Domain NC Replication
COMPANY.COM
Collection of Domain controllers
Transitive Trust Relationships
All Domains in a Tree share:
Schema
Configuration
Global Catalog
Trees
COMPANY.COM
AMERICA.COMPANY.COM
EUROPE.COMPANY.COM
NICARAGUA.AMERICA.COMPANY.COM
Collection of Domain trees
Transitive Trust Relationships
All Domains in a Forest share:
Schema
Configuration
Global Catalog
Forests
DIVISION.COM
COMPANY.COM
AMERICA.COMPANY.COM
What Is a Site?
A set of well-connected IP subnets
Site Usage
Replication
Group policy application
[Diagram: Site A, Site B and Site C, with domain controllers (DC) and global catalog servers (GC) for Company.com, europe.company.com and america.company.com]
A master, searchable index that contains information about every object in every domain in a forest
Intra-Site Replication: AD replication between DCs within a site
Inter-Site Replication: AD replication between sites
Replication Between Sites
DS-RPC (RPC over IP) or SMTP Transports
SMTP Can Be Used
Compression
10 percent-20 percent of original size
Scheduled
Bridgehead Servers
Master Replication Server in a site
Schema
Performs updates to the schema
Sends updates to all DCs
One per forest
Default is the first DC installed
Domain
Performs add/remove of domains and cross-references to external DS
One per forest
Default is the first DC installed
Infrastructure
Generates pools of security identifiers to be distributed to DCs in the domain
One per domain
Updates security identifiers (SIDs) and domains that are moved in and out of the domain
New Policy
Group Policy enables admins to set and maintain a desired computing state.
New Group Policy Management Console (GPMC) makes administration much easier.
Software Installation
3 deployment options
Assign to computer: App is installed at boot
Assign to user: App installed either on demand or (with XP and above) at user logon
Publish to user: User chooses to install from Add/Remove Programs
Computer Starts
User Logs On
Foreground refresh
Logon prompt not displayed till computer processing complete
Desktop not displayed till user processing complete
Background refresh
Approximately every 90 minutes
Software installation and folder redirection settings not processed
Is a TCP/IP based name resolution service
Is used to resolve a host name to its associated IP address
Is implemented using two software components
DNS server
DNS client (or resolver)
Automate the assignment of IP addresses
Centrally managed by Network Administrators
DHCP Scopes
Scope - A range of IP addresses that can be assigned to clients that are on one subnet
Superscope - Is a collection of individual scopes
Demonstration
Q&A