Active Directory
1. Active Directory
Active Directory is like a container that holds
information about network objects such as users,
passwords, and computer accounts.
It uses three application layer protocols:
LDAP
Kerberos
DNS
2. LDAP
Lightweight Directory Access Protocol
LDAP is an application protocol for reading
and editing directories over an IP network.
It is a standardized client/server protocol
based on TCP/IP.
3. Kerberos
Kerberos is a computer network authentication
protocol that allows nodes communicating over
a non-secure network to prove their identity to
one another in a secure manner.
4. DNS
Domain Name System
It is an application layer protocol.
It is used to translate domain names to
their IP addresses and IP addresses to
domain names.
5. Active Directory Services
Active Directory provides different types of
services, such as:
Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
Active Directory Certificate Services (AD CS)
Active Directory Rights Management Services (AD RMS)
Active Directory Federation Services (AD FS)
6. Active Directory Domain Services
A directory service is a service that manages all
resources on the network from a centralized
location and makes them available to network
users and applications.
It provides different types of services, such as:
User Account
Computer Account
User authentication
Access to network resource
Domain wide authentication
7. Active Directory Lightweight Directory Services
Based on LDAP
Allows clients to access a directory service
Used for applications such as:
Internet applications
○ Centralized or distributed white pages
○ ISP on-line subscriber directory
Intranet applications
○ Internal white pages
○ Certificate and CRL distribution
○ System/network management database
8. Active Directory Certificate Services
Certificate services are the most common
way to provide security in the enterprise
and on the internet.
In AD CS, digital certificates are used to encrypt
information and to authenticate users and
computers.
The PKI (Public Key Infrastructure) is
used to distribute and manage digital
certificates.
9. Public Key Infrastructure
PKI includes
○ Certificate Authorities
○ Certificate revocation list
○ CA Management Tools
○ Certificates
10. Active Directory Rights Management Services
AD RMS is a form of information rights
management that uses encryption and a
form of selective functionality to limit
access to documents such as corporate
e-mails and Word documents.
It distributes client certificates, enforces
content access policies, and provides
central management.
11. Active Directory Federation Services
In AD FS, identity federation is established
between two organizations by establishing
trust between two security realms. A
federation server on one side (the
Accounts side) authenticates the user
through the standard means in Active
Directory Domain Services and then issues
a token containing a series of claims about
the user, including its identity.
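The claims flow described above, as an added example that is not part of the original slides: the accounts side issues a signed token of claims, and the resource side accepts it only after checking issuer trust, signature, audience and expiry. The URLs, key and function names are constructed for illustration, and an HMAC key stands in for the federation server's token-signing certificate.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values. Assumption: a shared HMAC key stands in for the
# federation server's token-signing certificate (AD FS itself signs tokens
# with an X.509 key pair, not a shared secret).
ISSUER = "https://accounts.example/adfs"
AUDIENCE = "https://resource.example/app"
TRUST = {ISSUER: b"constructed-demo-key"}  # trusted issuer -> verification key

def b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue_token(issuer, key, user, claims, audience, ttl=300, now=None):
    """Accounts side: call only after the user has authenticated in AD DS."""
    now = int(time.time()) if now is None else now
    body = json.dumps({"iss": issuer, "aud": audience, "sub": user,
                       "exp": now + ttl, "claims": claims},
                      sort_keys=True).encode()
    return b64(body) + "." + b64(hmac.new(key, body, hashlib.sha256).digest())

def validate_token(token, trust=TRUST, audience=AUDIENCE, now=None):
    """Resource side: return the user's claims only if every check passes."""
    now = int(time.time()) if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
        data = json.loads(body)
    except ValueError:
        raise ValueError("malformed token") from None
    if not isinstance(data, dict) or not isinstance(data.get("claims"), dict):
        raise ValueError("malformed token")
    # The issuer field is read only to select a key; nothing else in the
    # body is trusted until the signature has been verified.
    iss = data.get("iss")
    key = trust.get(iss) if isinstance(iss, str) else None
    if key is None:
        raise ValueError("issuer not in federation trust")
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    if data.get("aud") != audience:
        raise ValueError("wrong audience")
    if not isinstance(data.get("exp"), int) or data["exp"] <= now:
        raise ValueError("token expired")
    return {"sub": data.get("sub"), **data["claims"]}
```

The order of checks matters: claims are returned only after the signature, audience and lifetime have all been verified against the resource side's own trust configuration.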