Active Directory Fundamentals
Win Moody
Senior Trainer QA
win.moody@qa.com
What we will cover:
• Domains, Trees, Forests
• Domain Controllers, Sites
• The Domain Naming Service (DNS)
• Replication
• Operations Masters
• Lots of demos…
Prerequisite Knowledge
• Understanding of what a directory service is
Level 200+
Agenda
• Active Directory Logical Concepts
• Active Directory Physical Concepts
• DNS
• Replication
• Operations Masters
Active Directory Logical Concepts
Domains
• Boundary of Security
    • Authentication
    • Security Policies
• Boundary of Replication
    • Domain NC Replication
• Boundary of DNS Namespace
• Boundary of Administration
[Diagram: a single domain, KAPOHO.NET]
Active Directory Logical Concepts
Trees
• Hierarchy of Domains forming a contiguous namespace
• Transitive Trust Relationships
• All Domains in a Tree share:
    • Schema
    • Configuration
    • Global Catalog
[Diagram: domain tree KAPOHO.NET, EUROPE.KAPOHO.NET, HAWAII.KAPOHO.NET, MAUI.HAWAII.KAPOHO.NET]
Active Directory Logical Concepts
Forests
• Hierarchy of Domains forming a contiguous or disjoint namespace
• Transitive Trust Relationships
• All Domains in a Forest share:
    • Schema
    • Configuration
    • Global Catalog
[Diagram: forest containing PSP.CO.UK, KAPOHO.NET, HAWAII.KAPOHO.NET]
Active Directory Logical Concepts
Organizational Units
• Containers within Domains
• Distinct Units of Administration
• Unique to Domains
Active Directory Physical Concepts
Domain Controllers
Primary Domain Controller (PDC)
Backup Domain Controllers (BDCs)
Domain Controllers (DCs)
Active Directory Physical Concepts
Sites
• What is a Site?
    • A set of well-connected IP subnets
• Site Usage
    • Locating Services (e.g. Logon, DFS)
    • Replication
    • Group Policy Application
• Sites are connected with Site Links
    • Connects two or more sites
Active Directory Physical Concepts
Site Topology
[Diagram: Company.com with america.company.com and europe.company.com; DC and GC servers placed in Site A, Site B and Site C]
DC = Domain Controller
GC = Global Catalog
Active Directory Physical Concepts
Global Catalog
• Partial Replica of all Objects in the Forest
• Configurable subset of Attributes
• Fast Forest-wide searches
• Required at Logon for Universal Group Membership
DNS
DNS Requirements
• SRV Records to locate services (req’d)
• DDNS for Dynamic Update (desired)
• Windows 2000 and up, DNS also provides:
    • Incremental Zone Transfers
    • Integration with Active Directory
    • Single replication topology
    • Multi-master replication
    • Secure Dynamic updates
DNS
DNS Implementations
• No existing DNS infrastructure
    • Deploy Microsoft DNS
• Check existing DNS meets requirements
• Existing DNS not adequate:
    • Choice 1: Update Server
    • Choice 2: Migrate to Microsoft DNS
    • Choice 3: Delegate a subdomain to Microsoft DNS
Replication
Replication Details
• Naming Contexts (NCs) that are replicated
    • Schema Naming Context
    • Configuration Naming Context
    • Domain Naming Context
• Multi-master Replication
• Intra-site Bi-directional Ring Topology
• Inter-site Spanning Tree Topology
• Synchronous RPC over TCP/IP
• Asynchronous SMTP
Replication
Naming Contexts
• Schema
    • Definitions of object classes and attributes
    • Replicated to all DCs in the forest
• Configuration
    • AD Structure (domains, sites, and where the DCs are)
    • Replicated to all DCs in the forest
• Domain
    • Domain specific objects (users, groups, computers, and OUs)
Replication
Replication Topologies
• Intra-site Replication: AD replication between DCs within a Site
• Inter-site Replication: AD replication between Sites
Replication
Intra-site Replication
• RPC replication within a Site
• No compression
• Assumes good network connections
• Uses notification process
    • 5 minutes (Windows 2000)
    • Less (Windows Server 2003)
• KCC generates a bi-directional Ring with extra edges
Tip: Always let KCC generate the intra-site replication topology when possible
Replication
Inter-Site Replication
• Replication between Sites
• DS-RPC (RPC over IP) or SMTP Transports
• SMTP can be used only between:
    • GCs across Sites
    • DCs of different domains and in different sites
• Compression
    • 10%-20% of original size
• Scheduled
Replication
Site-links, Bridges and Bridgehead Servers
• Site-links link two or more sites
    • Costs and schedules can be specified
    • Transitive (can be disabled)
• Site-link Bridges
    • Bridge two or more site-links
• Bridgehead servers
• KCC generates a minimum cost spanning tree
Tip: Always let KCC generate the replication topology
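
The site-link slide above, worked as an added example (not part of the original deck, and a simplified model rather than the KCC's actual implementation): Kruskal's algorithm picks a minimum-cost spanning tree over site links and reports any site that no link reaches, which would never receive replicated changes. Site D, the link names and the costs are constructed for illustration.

```python
from itertools import combinations

# Constructed sample data. Site A/B/C follow the deck's diagram labels;
# Site D, the link names and the costs are invented for this example.
SITE_LINKS = [
    {"name": "LINK-AB", "sites": ["Site A", "Site B"], "cost": 100},
    {"name": "LINK-BC", "sites": ["Site B", "Site C"], "cost": 200},
    {"name": "LINK-ABC-WAN", "sites": ["Site A", "Site B", "Site C"], "cost": 300},
    {"name": "LINK-AC", "sites": ["Site A", "Site C"], "cost": 150},
]
ALL_SITES = ["Site A", "Site B", "Site C", "Site D"]  # Site D has no site link


def expand_links(site_links):
    """Turn each site link (two or more sites) into pairwise candidate edges.

    A link that joins several sites lets any pair of them replicate at the
    link's cost, so it contributes one edge per pair.
    """
    edges = []
    for link in site_links:
        members = sorted(set(link["sites"]))
        if len(members) < 2:
            raise ValueError(f"site link {link['name']} needs at least two sites")
        if link["cost"] <= 0:
            raise ValueError(f"site link {link['name']} needs a positive cost")
        for a, b in combinations(members, 2):
            edges.append((link["cost"], a, b, link["name"]))
    return edges


def plan_topology(sites, site_links):
    """Return a minimum-cost spanning forest over the sites (Kruskal).

    'islands' lists the groups of sites that can reach each other; more than
    one island means some site is cut off from replication.
    """
    parent = {site: site for site in sites}

    def find(site):
        # Union-find lookup with path halving.
        while parent[site] != site:
            parent[site] = parent[parent[site]]
            site = parent[site]
        return site

    connections = []
    for cost, a, b, name in sorted(expand_links(site_links)):
        if a not in parent or b not in parent:
            raise ValueError(f"site link {name} references an unknown site")
        root_a, root_b = find(a), find(b)
        if root_a != root_b:  # cheapest edge joining two separate groups
            parent[root_b] = root_a
            connections.append((a, b, cost, name))

    groups = {}
    for site in sites:
        groups.setdefault(find(site), []).append(site)
    islands = sorted(sorted(group) for group in groups.values())

    return {
        "connections": connections,
        "total_cost": sum(cost for _, _, cost, _ in connections),
        "islands": islands,
    }


if __name__ == "__main__":
    plan = plan_topology(ALL_SITES, SITE_LINKS)
    for a, b, cost, name in plan["connections"]:
        print(f"{a} <-> {b} via {name} (cost {cost})")
    print("total cost:", plan["total_cost"])
    if len(plan["islands"]) > 1:
        print("unreachable site groups:", plan["islands"])
```
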
Operations Masters
Schema and Domain
• Schema
    • Performs updates to schema
    • Sends updates to all DCs
    • One per forest
    • Default is the first DC installed
• Domain
    • Performs add/remove of domains and cross-references to external DS
    • One per forest
    • Default is the first DC installed
Operations Masters
PDC, RID and Infrastructure
• Primary Domain Controller (PDC)
    • Acts as a PDC for requests from NT clients
    • One per domain
• Relative Identifier (RID)
    • Generates pools of security identifiers to be distributed to DCs in the domain
    • One per domain
• Infrastructure
    • Updates SIDs on objects across domains
    • One per domain
    • Not required in a single-domain forest
Summary
• There are Logical and Physical concepts in Active Directory
• DNS
• Plenty of Information
For More Information…
• Main TechNet Web site at www.microsoft.com/technet
• Additional resources to support this Session page can be found at www.microsoft.com/technet/tnt1-98
MS Press
Inside information for IT Professionals
To find the latest IT Professional related titles visit www.microsoft.com/learning/it/books
Third Party Publications
Supplementary Publications for IT Pros
These books can be found and purchased at all good book stores and on-line retailers
Microsoft Learning
Training Resources for IT Professionals
Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure
• Course Number: 2279
• Availability: Now
• Detailed Syllabus: www.microsoft.com/learning
To locate a training provider, please access www.microsoft.com/learning
Microsoft Certified Technical Education Centers are Microsoft’s premier partners for training services
Assess your Readiness
Microsoft Skills Assessment
What is Microsoft Skills Assessment?
• Self-study learning tool to evaluate readiness for product and technology solutions, instead of job-roles (certification)
• Windows Server 2003, Exchange Server 2003, Windows Storage Server 2003, Visual Studio .NET, Office 2003
• Free, online, unproctored, and available to anyone
• Answers, “Am I ready?”
• Determines skills gaps, provides learning plans with Microsoft Official Curriculum courses, plus more Microsoft learning content suggestions such as TechNet resources
• Post your High Score to see how you stack up
• Visit http://www.microsoft.com/assessment
Become a Microsoft Certified Systems Administrator (MCSA)
• What is the MCSA certification?
    • For IT professionals who manage and maintain networks and systems based on the Microsoft Windows Server operating system
• How do I become an MCSA on Microsoft Windows 2003?
    • Pass 3 core exams
    • Pass 1 elective exam or 2 CompTIA certifications
• Where do I get more information?
    • For more information about certification requirements, exams, and training, visit www.microsoft.com/mcsa
Become A Microsoft Certified Systems Engineer (MCSE)
• What is the MCSE certification?
    • Premier certification for IT professionals who analyze the business requirements and design, plan, and implement the infrastructure for business solutions based on the Microsoft Windows Server System integrated server software.
• How do I become an MCSE on Microsoft Windows 2003?
    • Pass 6 core exams
    • Pass 1 elective exams from a comprehensive list
• Where do I get more information?
    • For more information about certification requirements, exams, and training options, visit www.microsoft.com/mcse
Demonstrate Your Security or Messaging Specialization
• What are MCSA/MCSE specializations?
    • MCSA and MCSE specializations allow IT professionals to highlight specific expertise or technical focus within their job role.
• What specializations are available?
    • MCSA: Security
    • MCSA: Messaging
    • MCSE: Security
    • MCSE: Messaging
• Where do I get more information?
    • For more information about MCSA and MCSE specialization requirements, exams, and training options, visit www.microsoft.com/mcsa or www.microsoft.com/mcse
What is TechNet?
• Put the right answers at your fingertips
• TechNet is the comprehensive collection of resources to help IT implementers plan, deploy, and manage Microsoft products successfully
TechNet Subscription: Monthly updates delivered on DVD or CD
    • The definitive resource to help you evaluate, deploy and maintain Microsoft products
TechNet Web Site: Accessible at www.microsoft.com/technet
    • Online resources and community
    • Subscriber-only Online Services
TechNet Flash: Bi-weekly e-newsletter
    • Security updates, new resources, and special offers
TechNet Events and Web Casts: Briefings on the latest Microsoft products and technologies
    • Hands-on, “how to” information
TechNet Communities: User Groups, Managed Newsgroups
Where Can I Get TechNet?
• Visit TechNet Online at www.microsoft.com/technet
• Register for the TechNet Flash www.microsoft.com/technet/subscriptions/flash.asp
• Join the TechNet Online forum at www.microsoft.com/technet/itcommunity
• Become a TechNet Subscriber at www.microsoft.com/technet/buynow/subscribe
• Attend More TechNet Events or view on-line www.microsoft.com/technet/tcevents/itevents