Active directory ppt

Published in: Education, Technology

  1. An Introduction to
  2. Introduction
      • Large corporations today face the following problems
          • Finding a certain file
          • Seeing everything from a single view
          • Replicate data
      • Windows NT server network
          • Offers directory services
          • Single network logon
          • Single point of administration and replication
  3. Traditional Directory
      • Tools for organizing, managing and locating objects in a computing system
      • Directory services are like a telephone book
      • LANs and WANs grow larger and more complex
      • Active Directory unifies and brings order to diverse server hierarchies, or namespaces
  4. Directory Service
      • Users and administrators do not know exact names
      • The directory can run a query for an object by one of its attributes
      • A directory service can
          • Enforce security defined by administrator
          • Replicate a directory
          • Partition a directory into multiple stores
      • A management and an end user tool
  5. Active Directory
      • Included with Windows 2000 Server
      • Works well in any size installation
          • Single server with a few hundred objects
          • Thousands of servers with millions of objects
  6. Important Concepts
      • Scope
          • Can include every single object, every server and every domain
      • Namespace
          • Any bounded area in which a given name can be resolved
      • Object
          • A distinct, named set of attributes that represents something concrete, such as a user, a printer or an application.
      • [Diagram: Attributes for User Object "user": Name: Joe; Surname: Smith; Email:]
  7. Important Concepts
      • Container
          • An object which has attributes and is part of Active Directory
      • Tree
          • A hierarchy of objects and containers
          • Endpoints on trees are objects
          • Nodes represent containers
          • Shows how objects are connected
  8. Important Concepts
      • Domains
          • A single security boundary of a network
      • Domain trees
          • A tree comprised of several domains sharing a common schema, configuration and forming a contiguous namespace
      • [Diagram labels: Domain A; Domain B; Domain C; Established Trust; Implicit Trust]
  9. Important Concepts
      • Forest
          • A set of one or more trees that do not form a contiguous namespace
          • All trees in a forest share a common schema, configuration and global catalog
          • A forest does not need a distinct name
      • Sites
          • Location in a network that contains Active Directory servers
      • [Diagram labels: Microsoft.Com; PBS.Microsoft.Com; NTDev.PBS.Microsoft.Com; SoftImage.Com; Finance.SoftImage.Com]
  10. Active Directory Features
      • DNS Integration
          • Active Directory is tightly integrated with the Domain Name System.
          • Active Directory uses DNS as the location service.
          • An enterprise can connect Active Directory servers directly to the Internet.
  11. Support for LDAP
      • LDAP is the Lightweight Directory Access Protocol.
      • It was developed as a simpler alternative to the X.500 protocol.
      • Active Directory supports both LDAP version 2 and version 3.
  12. Object Naming
      • Active Directory Schema defines two useful properties
          • Object Globally Unique Identifier, a 128-bit number which is never changed if the object is moved or renamed.
          • User Principal Name, which is shorter than the DN and easy to remember
  13. Protocol Support
      • Supported protocols include:
          • LDAP
          • Remote procedure call
          • X.500
      • Supported APIs include:
          • ADSI
          • LDAP API
          • MAPI
  14. Global Catalog
      • GC enables users and applications to find objects in an Active Directory domain tree if the user knows one or more attributes of the target object.
      • GC holds a replica of every object in the Active Directory, but only holds a small number of their attributes.
  15. Security
      • Object protection
          • All objects are protected by Access Control Lists.
          • An ACL is stored as a binary value called a Security Descriptor.
      • Delegation
          • It allows a higher administrative authority to grant rights for containers and subtrees to individuals and groups.
  16. Trees and Forests
      • Searching results in a deep search into child domains.
      • A Windows 2000 domain tree is a hierarchy of domains, each consisting of a partition of Active Directory.
      • A transitive, bidirectional trust relationship is automatically established between a joined domain and its parent.
      • Domains are joined to the domain tree during the installation process.
  17. Extending the Schema
      • New attributes can be added to the Schema at any time, using name, OID, definition of data, range limits.
      • New Objects can be added at any time using name, OID, list of classes that can be parents of the object, the class the object is derived from, and list of classes that apply to the object.
  18. Assuring Backward Compatibility
      • Easy migration from Windows NT 3.5 and 4.0
          • Active Directory is designed to operate in a mixed environment.
          • The migration process from down-level servers to Active Directory takes place one domain controller at a time.
  19. Win 4.x domain with a single primary domain controller and two backup domain controllers.
      • [Diagram labels: Windows NT 4.0 Domain; PDC; BDC; BDC]
  20. Mixed Domain
      • [Diagram labels: DC/PDC; BDC; BDC; BDC; Domain Replica; Global Catalog]
  21. Pure Domain - Former BDCs are now peers of the original Windows 2000.
      • [Diagram labels: Pure Domain; DC - GC; DC; DC; DC; Domain Replica (x4); Global Catalog]
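
Slides 8 and 16 describe trusts that are established between a joined domain and its parent and are transitive, so domains with no direct link still trust each other. The following added example (not part of the original slides) derives those implicit trusts for the domain names shown on slide 9; treating Microsoft.Com as the forest root, and linking the SoftImage.Com tree root to it, are assumptions made for illustration.

```python
from collections import deque

# Domain names are the ones on slide 9; the forest layout is an assumption.
DOMAINS = ["Microsoft.Com", "PBS.Microsoft.Com", "NTDev.PBS.Microsoft.Com",
           "SoftImage.Com", "Finance.SoftImage.Com"]
FOREST_ROOT = "Microsoft.Com"  # assumption: treated as the forest root


def parent_of(domain, domains):
    """Return the parent domain by DNS suffix, or None for a tree root."""
    suffix = domain.split(".", 1)[1].lower() if "." in domain else ""
    return {d.lower(): d for d in domains}.get(suffix)


def direct_trusts(domains, forest_root):
    """Two-way trust links created automatically when domains are joined."""
    links = {d: set() for d in domains}
    for d in domains:
        peer = parent_of(d, domains)
        if peer is None and d != forest_root:
            peer = forest_root  # a tree root links to the forest root
        if peer:
            links[d].add(peer)
            links[peer].add(d)
    return links


def trust_path(src, dst, links):
    """Shortest chain of direct trusts from src to dst (breadth-first)."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in sorted(links[path[-1]] - seen):
            seen.add(nxt)
            queue.append(path + [nxt])
    return None  # no chain of trusts connects the two domains


def implicit_trusts(links):
    """Pairs with no direct link that still trust each other transitively."""
    names = sorted(links)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if b not in links[a] and trust_path(a, b, links)]


if __name__ == "__main__":
    links = direct_trusts(DOMAINS, FOREST_ROOT)
    for a, b in implicit_trusts(links):
        print(f"{a} <-> {b}: via {' -> '.join(trust_path(a, b, links)[1:-1])}")
```

With five domains there are four direct links but six implicit ones, which is the set an access review has to account for in addition to the trusts that were configured explicitly.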