Transcript

  • 1. How the Active Directory system can simplify the management of network resources while offering enhanced network services

    What Is a Directory Service?
    It helps users track and locate objects. It lets you find information on a network and make your own data network-accessible.

    Advantages:
    It allows you to group workstations together for easier administration. Workstations can be updated, configured, and even repaired remotely. A single management interface that is accessible from anywhere on the network means more efficiency for you and less time spent bending over client workstations.
    It allows users to search for network services, like printers and faxes. Network services can also be managed and configured from a single Control Panel.
    It adds value to your network by increasing security, adding services, and reducing administration costs.

    In addition to helping you find and access your files, Active Directory offers several advanced file features:
    1. Allow mobile users to access network files while offline.
    2. Improve data security by automatically backing up important files.
    3. Increase the availability of your files by keeping copies near where they’re needed most.

    Single sign-on security:
    Active Directory provides single sign-on security for users in your network. This means that users won’t have to remember multiple passwords for different applications. Instead, you can easily apply global security and configuration settings to Active Directory user accounts.

    Active Directory Domains:
    Domains represent logical partitions within Active Directory for security and directory replication. “Microsoft.com” is an example of a domain name.
    *There is a one-to-one correspondence between Active Directory domains and DNS domains.

    1-Active Directory objects:
  • 2. Domains function as containers for Active Directory objects, which include users, servers, workstations, and network devices, such as printers. Each domain stores information only about the objects it contains, and theoretically an Active Directory domain can contain up to 10 million objects. One million objects in an Active Directory domain is the supported limit.

    2-Authentication of Users:
    All Active Directory users log on to a domain; domains are boundaries of authentication. Domain controllers are responsible for authenticating user and group passwords, and Active Directory provides single log-on security throughout the domain. Domain-wide authentication means fewer lost passwords and fewer problems with configuring permissions.

    3-Security policies:
    Domains are also policy boundaries. Security policies that are defined in one domain are not extended to other domains. This means that settings, such as administrative rights, do not cross from one domain to another.

    4-Data replication:
    Within a domain, information about objects is replicated between all domain controllers for additional security and redundancy. Important files within a domain may also be replicated to provide failover support without requiring expensive additional hardware. However, information is not replicated between domains. This means that domains are also boundaries for data replication.

    Note: Domains define the borders of an Active Directory system. Domains provide seamless network services for users within the domain, and offer good security against systems outside of the domain.

    Active Directory Trees:
    Tree: A tree is a grouping of domains that forms a contiguous namespace.
    Contiguous namespace: A contiguous namespace is a set of domain names in which each child adds one or more identifiers to the beginning of the parent DNS name. For example, if the parent domain was Contoso.com and the child domain was US.Contoso.com, these two would form a contiguous namespace.
  • 3. Root Domain:
    You can keep adding identifiers to the beginning of a domain name to fit your organization’s structure. The name of the tree is Contoso.com, which is also referred to as the root of the domain tree.

    Schema:
    Domains in an Active Directory tree share certain elements. They share a schema, which is the definition for all Active Directory objects. The schema also defines relationships between different kinds of objects.
    Domains in a tree also share configuration information about Active Directory as a whole and a Global Catalog, or GC. These objects are replicated between domain controllers in the tree. This ensures the consistency of your object definitions, settings, and Active Directory configuration across your enterprise.

    Transitive Trusts:
    In an Active Directory tree, trust relationships link domains together so that they can be administered as a single logical unit. Every time a new domain is added to the tree, a transitive trust is formed.
    Example: If domain “A” trusts domain “B,” then domain “A” trusts all the domains that “B” trusts. In this example, there is a trust relationship between Contoso.com and US.Contoso.com.

    Active Directory Forests:
    A forest is composed of one or more trees. A forest can contain several noncontiguous namespaces.
    Example: In this example, the forest contains two trees, each of which has its own namespace: Contoso.com and Fabrikam.com. The forest takes the name of the first tree to be installed in that forest.

    Bidirectional trust relationships:
  • 4. In the same way that transitive trust relationships exist between domains in a tree, there are bidirectional trust relationships between top-level domains in a forest.
    *Just like trees, forests share a common schema, configuration, and Global Catalog.

    Organizational Units:
    Organizational Units are containers that you can use to group together other objects. OUs can be used to organize users, computers, groups, printers, applications, file shares, and even other OUs.
    Example: Each department of Contoso.com contains a group of users who use desktop workstations to access a specific group of printers, servers, and applications. By combining different types of objects, Organizational Units can be defined to contain all the resources used by each department.
    Group Policy allows you to define settings for each OU in your enterprise. You can improve the overall security of your enterprise.

    Organizational Unit Applications:
    OUs can be configured to meet your administrative needs.
    1. OUs can be built for company departments or for geographic locations.
    2. OUs can make Active Directory objects even easier to locate and manage.
    3. OUs can be nested inside each other.

    Domain Controllers (DC):
    “It is a server that Active Directory system users log in to and that contains information about your directory structure.” This information includes: configuration settings, the directory schema, and the Global Catalog.
    *To ensure continuous availability of directory services, an Active Directory system should contain at least two domain controllers.
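
The tree, forest and transitive-trust definitions above, as an added Python example that is not part of the original slides: it groups domain names into trees by contiguous namespace, matching on whole DNS labels, and follows direct trusts transitively. The domain list, the trust map and every function name are constructed assumptions.

```python
# Added example. DOMAINS and TRUSTS are constructed sample data,
# not read from a real directory.
DOMAINS = ["US.Contoso.com", "Contoso.com", "Fabrikam.com",
           "Sales.US.Contoso.com", "NotContoso.com"]
# Direct trusts only: domain -> domains it trusts.
TRUSTS = {
    "US.Contoso.com": ["Contoso.com"],
    "Contoso.com": ["US.Contoso.com", "Fabrikam.com"],
    "Fabrikam.com": ["Contoso.com"],
}

def labels(name):
    """Split a DNS name into lower-cased labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")

def is_child_of(child, parent):
    """True if child adds one or more labels to the beginning of parent.

    Comparing labels, not raw strings, keeps NotContoso.com out of the
    Contoso.com tree even though the string ends with "contoso.com".
    """
    c, p = labels(child), labels(parent)
    return len(c) > len(p) and c[-len(p):] == p

def group_into_trees(domains):
    """Map each tree root to the domains in its contiguous namespace."""
    trees = {}
    # Shortest names first, so a root is always seen before its children.
    for d in sorted(domains, key=lambda n: len(labels(n))):
        root = next((r for r in trees if is_child_of(d, r)), None)
        if root is None:
            trees[d] = [d]          # starts a new, noncontiguous namespace
        else:
            trees[root].append(d)
    return trees

def trusted_by(domain, trusts):
    """Every domain that `domain` ends up trusting when trust is transitive."""
    seen, stack = set(), [domain]
    while stack:
        for nxt in trusts.get(stack.pop(), ()):
            if nxt != domain and nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen
```

Running `trusted_by` over each domain before and after a planned trust change shows how far a single new trust extends across the forest.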
  • 5. Difference between Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)

    Transmission Control Protocol (TCP):
    1) Transmission Control Protocol (TCP) is a connection-oriented protocol, which means the devices should open a connection before transmitting data and should close the connection gracefully after transmitting the data.
    2) Transmission Control Protocol (TCP) assures reliable delivery of data to the destination.
    3) Transmission Control Protocol (TCP) provides extensive error checking mechanisms such as flow control and acknowledgment of data.
    4) Sequencing of data is a feature of Transmission Control Protocol (TCP).
    5) Delivery of data is guaranteed if you are using Transmission Control Protocol (TCP).
    6) Transmission Control Protocol (TCP) is comparatively slow because of these extensive error checking mechanisms.
    7) Multiplexing and demultiplexing are possible in Transmission Control Protocol (TCP) using TCP port numbers.
    8) Retransmission of lost packets is possible in Transmission Control Protocol (TCP).

    User Datagram Protocol (UDP):
    1) User Datagram Protocol (UDP) is a datagram-oriented protocol with no overhead for opening, maintaining, and closing a connection.
    2) User Datagram Protocol (UDP) is efficient for broadcast/multicast transmission.
    3) User Datagram Protocol (UDP) has only the basic error checking mechanism using checksums.
    4) There is no sequencing of data in User Datagram Protocol (UDP).
    5) The delivery of data cannot be guaranteed in User Datagram Protocol (UDP).
    6) User Datagram Protocol (UDP) is faster, simpler and more efficient than TCP. However, User Datagram Protocol (UDP) is less robust than TCP.
  • 6. 7) Multiplexing and demultiplexing are possible in User Datagram Protocol (UDP) using UDP port numbers.
    8) There is no retransmission of lost packets in User Datagram Protocol (UDP).

    DHCP has a number of advantages:
    1) There is no need to manually configure each client with an IP address.
    2) You don't need to keep a record of the IP addresses that you have assigned.
    3) You can automatically assign a new IP address if you move a client to a different subnet.
    4) You can release the IP address of a computer that is offline and reassign the address to another computer.
    5) Address duplication is eliminated as DHCP automatically tracks IP address assignments.
    6) The DHCP server can detect unauthorized DHCP servers on the network.

    An iterative (or non-recursive) query is one where the DNS server may provide a partial answer to the query (or give an error). DNS servers must support non-recursive queries.
    A recursive query is one where the DNS server will fully answer the query (or give an error). DNS servers are not required to support recursive queries, and the resolver (or another DNS server acting recursively on behalf of another resolver) negotiates use of recursive service using bits in the query headers.
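
The header bits mentioned above, as an added Python example that is not part of the original slides: the query sets RD (recursion desired), the response reports RA (recursion available), and a response with no answers but with authority records and AA clear is the "partial answer" of an iterative query. Bit positions follow the DNS message format in RFC 1035; the function names and the three sample headers are constructed for illustration.

```python
import struct

# Header flag bits from the DNS message format (RFC 1035).
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080

def build_query(name, recursion_desired=True, txid=0x1234):
    """Encode an A-record query; RD set asks the server to resolve fully."""
    flags = RD if recursion_desired else 0
    header = struct.pack("!6H", txid, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(msg):
    """Classify a response using only its 12-byte header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & QR:
        raise ValueError("not a response")
    info = {"rd": bool(flags & RD), "ra": bool(flags & RA),
            "aa": bool(flags & AA), "rcode": flags & 0x000F}
    if info["rcode"] != 0:
        info["kind"] = "error"
    elif an > 0:
        info["kind"] = "answer"
    elif ns > 0 and not info["aa"]:
        info["kind"] = "referral"   # partial answer: ask the listed servers
    else:
        info["kind"] = "no-data"
    return info

# Constructed response headers (counts only, no record data follows).
RECURSIVE_ANSWER = struct.pack("!6H", 0x1234, QR | RD | RA, 1, 1, 0, 0)
REFERRAL = struct.pack("!6H", 0x1234, QR | RD, 1, 0, 2, 2)
REFUSED = struct.pack("!6H", 0x1234, QR | RD | 5, 1, 0, 0, 0)
```

An operator can apply the same classification to responses from its own servers to confirm that RA is set only for the clients that are meant to receive recursive service.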