Network Administration Active Directory services

Nội dung Create ADS Create AD’s Object Moving from Workgroups to Domain Environments Create ADS Create AD’s Object

from Workgroups to Domain Environments New features Domain structures Configuring Sites Moving Operations Master Roles Back Up AD

Domain Design- New Feature Active Directory Recycle Bin Fine-grained password policies Domain rename function Cross-forest transitive trusts Domain controller promotion from media

Domain Structure

AD DS structure with OU

Multiple Domain Model

Multiple Domain Real-World

Multiple Trees in a Single Forest

Federated Forests Design Model

Federated Forests Real-World

Peer-root domain with schema security for added protection and integrity

Unpopulated placeholder domain

Complex AD DS placeholder domain structure

Install First DC of Forest enter dcpromo Choose a Deployment Configuration choose Create a New Domain in a Forest Provide domain name (FQDN) forest functional level Windows Server 2008 install DNS If not yet

Installation Wizard

Cont.

available Administrative Tools

Setting Up Additional DCs start dcpromo choose to do 1 of Add a domain controller to an existing domain Create a new domain in an existing forest. Create a new domain tree root instead of a new child domain

Creating an additional DC

Install an RODC Read-Only Domain Controller (RODC) In Additional DC Options page, choose Read-Only Domain Controller option password replication policy

Choosing an RODC

password replication policy

Prepare an Existing Domain Schema Install AD DS into 2003 domain  modify schema use adprep \sources\adprep folder

switches

Create Active Directory Objects Design and Create an OU Structure Create Computer Objects Create User Objects

Create User Objects Active Directory Users & Computers Rclick/New, Organizational Unit provide name

OU

Create Computer Objects PC object is created automatically if you add that computer to domain steps Rclick domain/OU/New, Computer. Provide a computer name Select a user or group. Default:Domain Admins right-click account/Properties

Properties

Properties

Properties

Create User Objects Select domain, built-in users container, or specific OU Rclick/ New, User. provide basic information Create a password right-click user and click Properties

Create User Objects

Properties

Properties

Properties

Properties

Work with Site and Domain Consoles Active Directory Sites and Services Active Directory Domains and Trusts Change Default-First-Site-Name Name

Change Default-First-Site-Name Name

Enable Global Catalog

Enable Global Catalog

Create a New Site Sites and subnets are logical representations of physical realities. Multiple physical subnets may exist within a single site

Create a New Site

Create a New Subnet

Move a DC to a New Site

AD Domains and Trusts Raising Domain and Forest Functional Levels Changing Operations Master Roles Create an External Trust

Steps

Steps

Changing Operations Master Roles

Create an External Trust

Windows Server 2008 UNIX Integration new subdomain record appears within the domain records for the zone

Services for NFS component

major components of Windows Server 2008 R2 UNIX

Install Services for NFS

Install Services for NFS

Using and Administering Services for NFS

Configuring Active Directory Lookup for UNIX GID and UID

Configuring Client for NFS and Server for NFS Settings

Configuring Client for NFS and Server for NFS Settings

Creating NFS Shared Network Resources

Creating NFS Shared Network Resources

Installing the Subsystem for UNIX-Based Applications

Understanding Identity Management for UNIX components

Installing Identity Management for UNIX Components

Installing Identity Management for UNIX Components

Configuring Password Change Capabilities

Adding NIS Users to Active Directory

Administrative Improvements with Windows Server 2008 R2

Administrative Improvements with Windows Server 2008 R2