Active Directory
Active Directory is the name given to the directory service employed in Windows Server 2003. Its dual role: to act as a data repository and to provide data to applications and features outside of AD.
[Diagram: Active Directory logical structure, showing a forest containing trees, domains, OUs and objects]
Logical Components
- Objects
- Domains
- Forests
- Trees
- Organizational Units (OU)
OBJECTS
The basic unit of Active Directory is known as an object. Active Directory information is held in objects. Objects are users, computers, shared folders, groups and printers.
Domain
- Has a unique name
- Is organized in hierarchical levels
- Has an Active Directory replicated across its domain controllers
- A logical container used to organize domain objects
- Makes it easy to locate and manage objects
- Allows you to apply Group Policy settings
- Allows delegation of administrative control
- Sometimes necessary to create multiple domains within an organization
- First Active Directory domain is the forest root domain
- A tree is a hierarchical collection of domains that share a contiguous DNS naming structure
- A forest is a collection of trees that do not share a contiguous DNS naming structure
- Transitive trust relationships exist among domains in trees and, optionally, in and across forests
Physical Components
Domain Controllers (DC)
- Active Directory service installed
- Servers that provide authentication of domain members
- Data stores: %systemroot%\ntds.dit
Sites
- A collection of computers connected via a high-speed network
  - LAN
  - IP subnet
- Sites relate to the physical layout of the network
- A site can contain multiple domains, and a domain can cross several sites
- Connect via slow-speed links (WAN)
Functional level
Domain Functional levels
- Mixed Mode: NT, 2000 and 2003 Domain Controllers
- Native Mode: 2000 and 2003 Domain Controllers
- Windows Server 2003 interim domain functional: only when upgrading from NT
- Windows Server 2003 domain functional: only 2003 DCs

- Windows 2000: NT, 2000 and 2003 DCs
- Windows Server 2003 Interim
- Windows Server 2003
Domain - a selection of computers, user accounts, or other objects that share a common security boundary
- hierarchical structure of containers and objects
- unique DNS name
- security boundary
Overview of DHCP
- DHCP server: a host providing configuration parameters through DHCP
- DHCP client: a host requesting configuration parameters from a DHCP server

DHCP consists of two components:
Domains
Domains: a domain is a subtree of the domain name space. The name of the domain is the domain name of the node at the top of the sub-tree.
Domain Name
- Domain Name: Each node in the tree has a domain name.
- Fully Qualified Domain Name (FQDN): A label which is terminated by a null string. It contains all labels, from the most specific to the most general, that uniquely define the name of the host.
- Partially Qualified Domain Name (PQDN): A PQDN starts from a node, but it does not reach the root. It is used when the name to be resolved belongs to the same site as the client. Here the resolver can supply the missing part, called the suffix, to create an FQDN.
Overview of TCP/IP
Internet Layer
The Internet layer handles several jobs:
- Network addressing (ARP; RARP): RARP is used to find the IP address when the MAC address is known
- Routing information (OSPF, EGP)
- Data fragmentation: If a large datagram is transferred from network to network, the router may divide the datagram into fragments. Each fragment has an identification number.
- Reassembly
- Handling error and request (ICMP): When a fragment fails to arrive or is corrupted, ICMP generates an error message. Also, it allows one to see if there is a physical connection to a host (ping)
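The fragmentation and reassembly jobs listed above, as an added Python example that is not part of the original slides. It models the IPv4 header's Identification, Fragment Offset and More Fragments fields (names taken from the IPv4 header, not from the slides); the class, function names and sample payloads are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Fragment:
    ident: int    # Identification: the same number on every fragment of one datagram
    offset: int   # Fragment Offset, counted in 8-byte units
    more: bool    # More Fragments flag; False only on the final fragment
    data: bytes

def fragment(ident, payload, mtu_payload):
    """Split a payload the way a router does when the next link's MTU is smaller."""
    step = (mtu_payload // 8) * 8   # non-final fragments must be multiples of 8 bytes
    if step == 0:
        raise ValueError("MTU too small to carry a fragment")
    return [Fragment(ident, start // 8, start + step < len(payload),
                     payload[start:start + step])
            for start in range(0, len(payload), step)]

def reassemble(fragments):
    """Group fragments by identification number and rebuild each datagram.

    Returns {ident: payload}, or {ident: None} when the sequence is not an exact
    contiguous run ending in a final fragment. A real host discards such a
    datagram after a timeout and reports it with an ICMP error message.
    """
    groups = {}
    for f in fragments:
        groups.setdefault(f.ident, []).append(f)
    result = {}
    for ident, frags in groups.items():
        buf, complete = bytearray(), False
        for f in sorted(frags, key=lambda f: f.offset):
            if f.offset * 8 != len(buf):   # hole, duplicate or overlap: refuse
                break
            buf += f.data
            if not f.more:                 # final fragment reached
                complete = True
                break
        result[ident] = bytes(buf) if complete else None
    return result

if __name__ == "__main__":
    payload = bytes(range(100))            # constructed sample datagram payload
    frags = fragment(7, payload, 44)       # 44-byte limit gives 40-byte fragments
    print([(f.offset, f.more, len(f.data)) for f in frags])
    print(reassemble(list(reversed(frags)))[7] == payload)   # arrival order is free
    print(reassemble([frags[0], frags[2]]))                  # middle fragment lost
```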
IP Addressing
- Dotted decimal notation format
  - 4 decimal numbers separated by decimal points
  - Each decimal is one byte in length
  - The decimal numbers are in the range 0-255
- Consists of two parts
  - The network portion: Internet administered (cannot be modified)
  - The host portion: locally administered (can be modified)
- IANA (Internet Assigned Numbers Authority) and ARIN (American Registry for Internet Numbers) manage the assigning of IP addresses
IP Addressing
- Address assignment characteristics
  - Addresses are assigned to one of the three classes: A, B, and C
  - Class D is reserved for multicast addresses
  - Class E is reserved for experimental use
  - Address 127.0.0.0 is used for IP loopback testing
- Addresses reserved for private addresses:
  - Class A: 10.0.0.0
  - Class B: 172.16.0.0 thru 172.31.0.0
  - Class C: 192.168.0.0 thru 192.168.255.0
Remote Access
Remote access clients are either connected to only the remote access server's resources, or they are connected to the RAS server's resources and beyond. A Windows 2000 remote access server provides two remote access connection methods: dial-up remote access and VPN remote access.
Thank You