Lecture 6



  1. COP 4910 Frontiers in Information Technology. Lecture 6: Domains. Hal Stringer
  2. Today’s Agenda
      • Turn in first Mini-Report
          • Next MR due Tuesday of Next Week
          • What about the other MRs
      • Domains
      • Topic for Next Tuesday’s Lecture?
  3. Mini-Report Overview
      • Information Posted on Website
          • Background Information
          • Technology Overview
          • Business Issues
          • Technical Details
          • Implementation Issues
      • Questions?
  4. What is a Domain?
      • Per www.dictionary.com
          • A territory over which rule or control is exercised.
          • A sphere of activity, concern, or function; a field: the domain of history.
          • Computer Science. A group of networked computers that share a common communications address.
      • Two common “domains” in IT:
          • Domain Name for internet navigation
          • Windows Domain for LAN or WAN networking
  5. Internet Domain Names
      • All computers connected to the Internet have a unique IP address.
          • Used by TCP/IP protocols to route packets
          • IP addresses are difficult to remember
      • DNS, or Domain Name System, was developed to provide a mapping between alphanumeric mnemonic names and IP addresses.
      • Real-time mapping of names to IP addresses is called “name resolution”
      • Internet Corporation for Assigned Names and Numbers (ICANN) administers domain names and IP addresses to ensure universal resolvability.
  6. Domain Name System
      • All names form a hierarchy
          • Top Level Domains (.org, .com, .info, .us, etc.)
          • 2nd Level Domain Name (abcwidget, cnn, msnbc, etc.)
          • Host Names (www, mail, ftp, corporate, west, etc.)
          • Example: www.abcwidget.com
      • 13 root name servers contain IP addresses of all TLD registries (master name servers)
      • Each master name server has IP addresses for all second level domain name servers
      • Each name server has records for all hosts associated with a given second level domain name
      • Local name resolvers cache information already received from root, master, or other name servers.
          • Maintained by ISPs or by Corporate Network Administrators
  7. Setting Up a Domain on the Internet
      • Purchase domain name (e.g., abcwidget.com) from ICANN registrar
      • Lease web server(s) from ISP
          • ISP provides IP addresses for web server(s)
      • Determine location (IP address) for name server
          • Give to registrar so record can be created in master name server
          • Enter records for all hosts with appropriate IP addresses
          • Wait for changes to propagate
  8. Domains for Computers & LANs
      • Early computers had no domains
          • All users defined in a computer
          • Permissions determined by administrator at user/group level
          • Each computer administered separately
      • IBM Systems Network Architecture
          • “Domain” consists of all Physical Units (FEPs, CCs, terminals) and Logical Units (Users, Applications) connected to a single Host Processor
      • Introduction of PCs
          • Windows for Workgroups (P2P)
          • Novell NetWare (Client/Server)
  9. Windows NT Domains
      • Each Windows NT Workstation has its own list of users and associated permissions
          • User Name & Password required to use the workstation
      • NT workstations are collected into a domain with access to a single account login database.
          • Authorized user can log in at any workstation in domain.
      • Domain controller maintains account database
          • User authentication performed by DC on behalf of workstation
          • DC usually a separate NT server with backup DCs for disaster and load balancing
      • Trust relationships allow users to connect to hosts/services in a different domain
  10. Windows 2000
      • 3 Versions: Professional, Server, Advanced Server
      • Server versions provide services including:
          • User Login and Authentication
          • Storage Management & Clustering
          • File Server
          • Print Server
          • Web Server
          • Networking (DHCP, DNS, WINS)
          • Terminal Services
      • Support for optional services
          • Exchange Server, SQL Server
  11. Active Directory
      • One of the biggest changes from NT Server
      • Provides both a Namespace and Directory Structure for domains, servers, workstations, administrators, users and other objects across a network
      • Combines X.500 naming standards, Internet DNS and LDAP (Lightweight Directory Access Protocol)
      • Provides single point of administration for all resources on network
      • All domain controllers are peers. Changes are replicated to all other DCs in the network.
      • Based on hierarchical (trees and subtrees) object model (identities, attributes, containers) with delegation and inheritance.
  12. Namespace
      • Setting up a Namespace
          • Tree: Single contiguous namespace descending from single root node.
              • Good for cohesive, top-down organizations
          • Forest: Collection of equal trees with no single root
              • Good for larger enterprises with multiple lines of business
          • Naming Convention: How leaves & nodes are identified
              • Organizational – based on departments or functions
              • Geographical – based on territory
          • Name Resolution for internal and external users
              • Single NS (www.abcwidget.com, corp.abcwidget.com)
              • Separate NS (www.abcwidget.com, corp.abc.com)
  13. Domain Planning
      • Domain structure follows namespace
      • Each branch of namespace can be a domain or organizational unit (OU)
          • Domain:
              • Core unit of Active Directory for administration & replication
              • Uniform security policy applies to entire domain.
              • All network objects exist as part of a domain
              • Managed from one or more Domain Controllers
          • OU:
              • Subset of domain derived from a subtree of the namespace.
              • Allows delegation of administrative rights to other users within the OU with MMCs.
  14. Domain Implementation
      • Install Windows 2000 Server
      • Configure Server
          • First server on network must be a domain controller and include:
              • Active Directory Service
              • DHCP Service
              • DNS Service
              • WINS Service (optional)
          • Additional servers can be added as member servers or domain controllers.
              • Can install DHCP, DNS or WINS on additional DCs for backup and recovery
      • Create users, computers, groups or shared folders/printers as needed.
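
The lookup chain from the Domain Name System slide (root name server, then the TLD's master name server, then the second-level domain's name server, with a caching local resolver), as an added example that is not part of the original lecture. It is a simplified in-memory model of that hierarchy: `LocalResolver` and the table names are hypothetical, and every IP address is constructed from documentation ranges.

```python
"""Simplified model of the name hierarchy: root -> TLD master -> domain name server."""

# Constructed sample data; every address is from a documentation range (RFC 5737).
ROOT = {"com": "192.0.2.1", "org": "192.0.2.2"}               # TLD -> master name server
MASTERS = {"192.0.2.1": {"abcwidget.com": "198.51.100.53"}}   # master -> domain's name server
NAME_SERVERS = {"198.51.100.53": {"www.abcwidget.com": "203.0.113.10",
                                  "mail.abcwidget.com": "203.0.113.25"}}


class LocalResolver:
    """Hypothetical caching resolver, as run by an ISP or corporate network admin."""

    def __init__(self):
        self.cache = {}      # (level, key) -> answer already received
        self.upstream = []   # every query that actually left the resolver

    def _ask(self, level, table, key):
        # Serve from cache when this level has already answered for this key.
        if (level, key) in self.cache:
            return self.cache[(level, key)]
        self.upstream.append((level, key))
        answer = table.get(key)
        if answer is None:
            raise LookupError(f"{level} has no record for {key!r}")
        self.cache[(level, key)] = answer
        return answer

    def resolve(self, fqdn):
        # Names are case-insensitive; a trailing dot marks the root and is dropped.
        name = fqdn.rstrip(".").lower()
        labels = name.split(".")
        if len(labels) < 3 or not all(labels):
            raise ValueError("expected host.second-level.tld")
        tld, domain = labels[-1], ".".join(labels[-2:])
        master = self._ask("root", ROOT, tld)                      # who runs the TLD?
        ns = self._ask("master", MASTERS.get(master, {}), domain)  # who serves the domain?
        return self._ask("name server", NAME_SERVERS.get(ns, {}), name)


if __name__ == "__main__":
    r = LocalResolver()
    for host in ("www.abcwidget.com", "mail.abcwidget.com", "www.abcwidget.com"):
        print(host, "->", r.resolve(host), "| upstream queries so far:", len(r.upstream))
```

The second lookup in the same domain reaches only the domain's name server, because the root and master referrals are already cached; a repeated lookup leaves the resolver not at all.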