By Amin Pathan
(MTech-CSE Pursuing, BE-IT)
Technical overview of Windows 2003 Active
Directory
 Introduction to Windows 2003 Active Directory in
application mode
 ...
What is Active Directory
 Building an Active Directory
 Using Active Directory Features
 Active Directory Objects
 Aud...
Directory services of the Windows server system
 Stores information about network object and
makes the information availa...
Integration with DNS
 Flexible querying
 Information security
 Simplified administration
 Scalability



Objects are the basic entities that constitute the
Active Directory
◦ Each object will have it own globally unique iden...


Objects based hierarchical structure with
constructs
◦
◦
◦
◦
◦
◦

Domains
Trees
Forests
Trust relationships
Organizatio...
Parent and child domains in a domain tree. Double-headed arrows indicate
two-way transitive trust relationships
One forest with three domain trees. The three root
domains are not contiguous with each other, but
EuropeRoot.com and Asia...
Shortcut trusts between Domains B and D, and between Domains
D and 2
Transitive
 Two-way
 Shortcut trusts
 External trusts

Intra-site replication with just one domain .
Intra-site replication with two domains and two global
catalogs
Based on standard directory protocols
 Interoperate with other protocols
 Example: LDAP
(Lightweight
Directory Access Pr...
Based on Kerberos
 Supports multiple security configurations for
cross platform interoperability


◦ Clients: A domain c...
Installation Of Active Directory








The computer must be Windows 2k, 2k3 Server,
Advanced Server or Datacenter Server.
At least one volume on t...
DCPROMO
• Clients use DNS to locate Active
Directory controllers.
• Servers and client computers register their
names and IP addre...
Existing Domain
 Member Server

Users
 Computers
 Groups

Defines the various components of the users
desktop environment that an administrator must
manage
 Applies not only to us...
Manage registry-based policy with Administrative
Templates
 Assign scripts. This includes scripts such as
computer startu...


Audit related functional activities









Account logon and logon events
Object access
Account management
Directory service access
Policy change
Sy...
Logon/Logout
 User access to resources


◦ File, folder, registry key, printer etc.



Account management

◦ Create use...
www.microsoft.com
 www.windowsitpro.com
 www.visualwin.com




http://www.microsoft.com/technet/prodtechnol/windowsser...
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Active directory and application
Upcoming SlideShare
Loading in …5
×

Active directory and application

313 views
175 views

Published on

based on Windows Server 2008

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
313
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Active directory and application

  1. 1. By Amin Pathan (MTech-CSE Pursuing, BE-IT)
  2. 2. Technical overview of Windows 2003 Active Directory  Introduction to Windows 2003 Active Directory in application mode  Windows 2003 Reviewer’s Guide 
  3. 3. What is Active Directory  Building an Active Directory  Using Active Directory Features  Active Directory Objects  Auditing Active Directory 
  4. 4. Directory services of the Windows server system  Stores information about network object and makes the information available to administrators, users, and applications  Provides a single point of network management allowing people to add, remove, and relocate users and resources easily  Integrated with Internet’s hierarchical domain naming system 
  5. 5. Integration with DNS  Flexible querying  Information security  Simplified administration  Scalability 
  6. 6.  Objects are the basic entities that constitute the Active Directory ◦ Each object will have it own globally unique identifier (GUID)  Schema ◦ Describes the object classes ◦ Defines the attributes for the object classes
  7. 7.  Objects based hierarchical structure with constructs ◦ ◦ ◦ ◦ ◦ ◦ Domains Trees Forests Trust relationships Organizational Units Sites
  8. 8. Parent and child domains in a domain tree. Double-headed arrows indicate two-way transitive trust relationships
  9. 9. One forest with three domain trees. The three root domains are not contiguous with each other, but EuropeRoot.com and AsiaRoot.com are child domains of HQ-Root.com.
  10. 10. Shortcut trusts between Domains B and D, and between Domains D and 2
  11. 11. Transitive  Two-way  Shortcut trusts  External trusts 
  12. 12. Intra-site replication with just one domain .
  13. 13. Intra-site replication with two domains and two global catalogs
  14. 14. Based on standard directory protocols  Interoperate with other protocols  Example: LDAP (Lightweight Directory Access Protocol)  ◦ LDAP it is used to add, modify, delete and query information stored in AD ◦ LDAP to AD is like SQL to Oracle ◦ LDAP determines how a client can access the directory, operations within the directory and share directory data
  15. 15. Based on Kerberos  Supports multiple security configurations for cross platform interoperability  ◦ Clients: A domain controller will authenticate clients running RFC-1510 Kerberos. This will include other clients running other operating systems. ◦ Unix clients and services: A Kerberos principal is mapped to a Windows 2000 user or computer account
  16. 16. Installation Of Active Directory
  17. 17.        The computer must be Windows 2k, 2k3 Server, Advanced Server or Datacenter Server. At least one volume on the computer must be formatted with NTFS. DNS must be active on the network prior to AD installation or be installed during AD installation. DNS must support SRV records and be dynamic. The computer must have IP protocol installed and have a static IP address. The Kerberos v5 authentication protocol must be installed. Time and zone information must be correct.
  18. 18. DCPROMO
  19. 19. • Clients use DNS to locate Active Directory controllers. • Servers and client computers register their names and IP addresses with the DNS server
  20. 20. Existing Domain  Member Server 
  21. 21. Users  Computers  Groups 
  22. 22. Defines the various components of the users desktop environment that an administrator must manage  Applies not only to user and client computers but also to member servers, domain controllers, and other 2003 server in scope of management 
  23. 23. Manage registry-based policy with Administrative Templates  Assign scripts. This includes scripts such as computer startup, shutdown, logon, and logoff  redirect folders, such as My Documents and My Pictures, from the Documents and Settings folder on the local computer to network locations 
  24. 24.  Audit related functional activities
  25. 25.         Account logon and logon events Object access Account management Directory service access Policy change System events Process tracking Privilege
  26. 26. Logon/Logout  User access to resources  ◦ File, folder, registry key, printer etc.  Account management ◦ Create users and groups, modify membership, change password etc.  Systems events ◦ Service start/stop  Directory service access ◦ User’ access to Active Directory objects
  27. 27. www.microsoft.com  www.windowsitpro.com  www.visualwin.com   http://www.microsoft.com/technet/prodtechnol/windowsserver  http://en.wikipedia.org/wiki/Active%5FDirectory  http://www.microsoft.com/technet/prodtechnol/window

×