How the Active Directory system can simplify the management of
network resources while offering enhanced network services
What Is a Directory Service?
It helps users track and locate objects.
It lets you find information on a network and make your own data network-accessible.
It allows you to group workstations together for easier administration.
Workstations can be updated, configured, and even repaired remotely.
A single management interface that is accessible from anywhere on the network means
more efficiency for you and less time spent bending over client workstations.
It allows users to search for network services, like printers and faxes.
Network services can also be managed and configured from a single Control Panel.
It adds value to your network by increasing security, adding services, and reducing
In addition to helping you find and access your files, Active Directory offers several
advanced file features:
1. Allow mobile users to access network files while offline.
2. Improve data security by automatically backing up important files.
3. Increase the availability of your files by keeping copies near where they’re needed
Single sign-on security:
Active Directory provides single sign-on security for users in your network. This means that
users won’t have to remember multiple passwords for different applications. Instead, you can
easily apply global security and configuration settings to Active Directory user accounts.
Active Directory Domains:
Domains represent logical partitions within Active Directory for security and directory
replication. “Microsoft.com” is an example of a domain name.
*There is a one-to-one correspondence between Active Directory domains and DNS domains.
1-Active Directory objects:
Domains function as containers for Active Directory objects, which include users, servers,
workstations, and network devices, such as printers. Each domain stores information only
about the objects it contains, and theoretically an Active Directory domain can contain up to 10
million objects. One million objects in an Active Directory domain is the supported limit.
2-Authentication of Users:
All Active Directory users log on to a domain; domains are boundaries of authentication.
Domain controllers are responsible for authenticating user and group passwords, and Active
Directory provides single log-on security throughout the domain. Domain-wide authentication
means fewer lost passwords and fewer problems with configuring permissions.
Domains are also policy boundaries. Security policies that are defined in one domain are not
extended to other domains. This means that settings, such as administrative rights, do not cross
from one domain to another.
Within a domain, information about objects is replicated between all domain controllers for
additional security and redundancy. Important files within a domain may also be replicated to
provide failover support without requiring expensive additional hardware. However,
information is not replicated between domains. This means that domains are also boundaries
for data replication.
Note: Domains define the borders of an Active Directory system. Domains provide seamless
network services for users within the domain, and offer good security against systems outside
of the domain.
Active Directory Trees:
A tree is a grouping of domains that forms a contiguous namespace.
A contiguous namespace is a set of domain names in which each child adds one or more
identifiers to the beginning of the parent DNS name. For example, if the parent domain was
Contoso.com and the child domain was US.Contoso.com, these two would form a contiguous
You can keep adding identifiers to the beginning of a domain name to fit your organization’s
structure. The name of the tree is Contoso.com, which is also referred to as the root of the
domain tree.
Domains in an Active Directory tree share certain elements. They share a schema, which is the
definition for all Active Directory objects. The schema also defines relationships between
different kinds of objects.
Domains in a tree also share configuration information about Active Directory as a
whole and a Global Catalog, or GC. These objects are replicated between domain controllers in
the tree. This ensures the consistency of your object definitions, settings, and Active Directory
configuration across your enterprise.
In an Active Directory tree, trust relationships link domains together so that they can be
administered as a single logical unit.
Every time a new domain is added to the tree, a transitive trust is formed.
If domain “A” trusts domain “B,” then domain “A” trusts all the domains that “B” trusts. In this
example, there is a trust relationship between Contoso.com and US.Contoso.com.
Active Directory Forests:
A forest is composed of one or more trees.
A forest can contain several noncontiguous namespaces.
In this example, the forest contains two trees, each of which has its own namespace:
Contoso.com and Fabrikam.com.
The forest takes the name of the first tree to be installed in that forest.
Bidirectional trust relationships:
In the same way that transitive trust relationships exist between domains in a tree, there are
bidirectional trust relationships between top-level domains in a forest.
*Just like trees, forests share a common schema, configuration, and Global Catalog.
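The tree, forest and transitive-trust rules above can be checked mechanically when reviewing which domains end up trusting which. The sketch below is an added example, not part of the original notes: it groups domain names into trees by contiguous namespace and computes the transitive trust closure. Sales.US.Contoso.com and all function names are hypothetical, and the trust model (two-way parent/child trusts plus two-way trusts between tree roots) is an assumption taken from the description on this page.

```python
from collections import defaultdict

# Constructed sample: the page's domain names plus one hypothetical grandchild.
DOMAINS = ["Contoso.com", "US.Contoso.com", "Sales.US.Contoso.com", "Fabrikam.com"]


def parent_of(name, known):
    """Return the closest known ancestor of `name`, or None if it is a tree root."""
    labels = name.lower().split(".")
    for i in range(1, len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in known:
            return candidate
    return None


def build_forest(domains):
    """Group domains into trees (contiguous namespaces), keyed by tree root."""
    known = {d.lower() for d in domains}
    parents = {d: parent_of(d, known) for d in known}
    trees = defaultdict(set)
    for d in known:
        root = d
        while parents[root] is not None:
            root = parents[root]
        trees[root].add(d)
    return dict(trees), parents


def direct_trusts(trees, parents):
    """Two-way parent/child trusts in each tree, plus two-way trusts between tree roots."""
    edges = defaultdict(set)
    for child, parent in parents.items():
        if parent:
            edges[child].add(parent)
            edges[parent].add(child)
    for a in trees:
        edges[a].update(b for b in trees if b != a)
    return edges


def trusted_by(domain, edges):
    """Transitive closure: every domain that `domain` ends up trusting."""
    start = domain.lower()
    seen, stack = set(), [start]
    while stack:
        for nxt in edges[stack.pop()]:
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    seen.discard(start)
    return seen
```

With the sample list, the grandchild domain ends up trusting every other domain in the forest, including Fabrikam.com in the other tree, which is why a trust review has to look at the closure and not only at the direct trusts.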
Organizational Units are containers that you can use to group together other objects. OUs can
be used to organize users, computers, groups, printers, applications, file shares, and even other
Each department of Contoso.com contains a group of users who use desktop workstations to
access a specific group of printers, servers, and applications. By combining different types of
objects, Organizational Units can be defined to contain all the resources used by each
Group Policy allows you to define settings for each OU in your enterprise.
You can improve the overall security of your enterprise.
Organizational Unit Applications:
OUs can be configured to meet your administrative needs.
1. OUs can be built for company departments or for geographic locations.
2. OUs can make Active Directory objects even easier to locate and manage.
3. OUs can be nested inside each other
Domain Controllers (DC):
“It is a server that Active Directory system users log in to and that contains information about
your directory structure.”
This information includes:
Configuration settings, the directory schema, and the Global Catalog
*To ensure continuous availability of directory services, an Active Directory system should
contain at least two domain controllers.
Difference between Transmission Control Protocol (TCP) and User
Datagram Protocol (UDP)
Transmission Control Protocol (TCP):
1) Transmission Control Protocol (TCP) is a connection-oriented protocol, which means the
devices should open a connection before transmitting data and should close the connection
gracefully after transmitting the data.
2) Transmission Control Protocol (TCP) assures reliable delivery of data to the destination.
3) Transmission Control Protocol (TCP) provides extensive error checking mechanisms
such as flow control and acknowledgment of data.
4) Sequencing of data is a feature of Transmission Control Protocol (TCP).
5) Delivery of data is guaranteed if you are using Transmission Control Protocol (TCP).
6) Transmission Control Protocol (TCP) is comparatively slow because of these extensive error
7) Multiplexing and Demultiplexing is possible in Transmission Control Protocol (TCP) using TCP
8) Retransmission of lost packets is possible in Transmission Control Protocol (TCP).
User Datagram Protocol (UDP)
1) User Datagram Protocol (UDP) is a datagram-oriented protocol with no overhead for opening,
maintaining, and closing a connection.
2) User Datagram Protocol (UDP) is efficient for broadcast/multicast transmission.
3) User Datagram protocol (UDP) has only the basic error checking mechanism using
4) There is no sequencing of data in User Datagram protocol (UDP).
5) The delivery of data cannot be guaranteed in User Datagram protocol (UDP).
6) User Datagram Protocol (UDP) is faster, simpler and more efficient than TCP. However, User
Datagram Protocol (UDP) is less robust than TCP.
7) Multiplexing and Demultiplexing is possible in User Datagram Protocol (UDP) using UDP
8) There is no retransmission of lost packets in User Datagram Protocol (UDP).
DHCP has a number of advantages:
1) There is no need to manually configure each client with an IP address.
2) You don't need to keep a record of the IP addresses that you have assigned.
3) You can automatically assign a new IP address if you move a client to a different subnet.
4) You can release the IP address of a computer that is offline and reassign the address to
5) Address duplication is eliminated as DHCP automatically tracks IP address assignments.
6) The DHCP server can detect unauthorized DHCP servers on the network.
An iterative (or non-recursive) query is one where the DNS server may provide a partial answer to
the query (or give an error). DNS servers must support non-recursive queries.
A recursive query is one where the DNS server will fully answer the query (or give an error).
DNS servers are not required to support recursive queries. The resolver (or another DNS
server acting recursively on behalf of another resolver) and the server negotiate use of
recursive service using bits in the query headers.
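The header bits in question are RD (Recursion Desired, set by the client) and RA (Recursion Available, set by the server). The sketch below is an added example, not part of the original notes: it builds a query with or without RD and classifies a response from its 12-byte header as a full answer, a referral (the "partial answer" of an iterative query) or an error. The function names are hypothetical and the two sample response headers are constructed.

```python
import struct

FLAG_QR, FLAG_AA = 0x8000, 0x0400  # message is a response; answer is authoritative
FLAG_RD, FLAG_RA = 0x0100, 0x0080  # recursion desired (client); recursion available (server)
RCODE_MASK = 0x000F

# Constructed sample headers: id, flags, qdcount, ancount, nscount, arcount.
RECURSIVE_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
REFERRAL_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8100, 1, 0, 2, 2)


def build_query(name, txid, recursion_desired=True, qtype=1):
    """Encode a one-question query (qtype 1 = A record, class IN)."""
    flags = FLAG_RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) <= 63:
            raise ValueError("DNS labels are 1 to 63 bytes long")
        qname += bytes([len(label)]) + label.encode("ascii")
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def classify_response(message):
    """Classify a response using only the header flags and section counts."""
    if len(message) < 12:
        raise ValueError("a DNS header is 12 bytes")
    _txid, flags, _qd, ancount, nscount, _ar = struct.unpack("!HHHHHH", message[:12])
    if not flags & FLAG_QR:
        raise ValueError("message is a query, not a response")
    info = {
        "rd": bool(flags & FLAG_RD),
        "ra": bool(flags & FLAG_RA),
        "rcode": flags & RCODE_MASK,
    }
    if info["rcode"] != 0:
        info["kind"] = "error"
    elif ancount > 0:
        info["kind"] = "answer"
    elif nscount > 0 and not flags & FLAG_AA:
        info["kind"] = "referral"  # partial answer: points at other name servers
    else:
        info["kind"] = "no-data"   # authoritative: name exists, no record of this type
    return info
```

A server on the internal network that answers outside clients with RA set is offering recursion to them, which is a setting worth checking when auditing DNS servers.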