Microsoft Windows Domains Structure and Services
Chatziioannidis Christos, Computer & Informatics Engineer, Computer & Networking Services, Computer Technology Institute
MS Domain DNS zone Active Directory Integrated Services Trusts Security
MS Domain DNS zone Computers Users Services – Mail – Web – File Sharing – Document management – Certificate Authentication – Media Services Active Directory Objects
MS Domains - Trusts mydomain.com yourdomain.com One-way Trust yourdomain.com accepts accounts from mydomain.com mydomain.com accepts accounts from yourdomain.com Two-way Trust
MS Domains - Trusts subB.sub2.mydomain.com mydomain.com sub1.mydomain.com sub2.mydomain.com subA.sub2.mydomain.com Administration sub1.yourdomain.com yourdomain.com sub2.yourdomain.com Trust
MS Domain - Administration subA.sub2.mydomain.com subB.sub2.mydomain.com mydomain.com sub1.mydomain.com sub2.mydomain.com Administration Administrators Group Site 1 Site 2 Site 3 Site 4 Conditions 1. IP Address 2. Availability
MS Domain – DNS (Services) Forward DNS Reverse DNS DDNS AD subzones NAME IP Pc01.mydomain.com IP NAME Pc01.mydomain.com Automatic Register DNS & Optional PTR record Subzones used for AD Services Authentication MSN Sites LDAP
MS Domain - DHCP Supplies: – IP – Subnet – Gateway – DNS Servers – WINS Options, etc. Control Pools (Exclude, Reserve) Control Security – MAC Addresses Warning: A DHCP Server in AD must first be authenticated
MS Domain - Security Authentication Authorization Kerberos KDC Technology KDC Authentication Ticket Exchange DC Server Client AD Integrated Service Applications Server Authenticated using Ticket
MS Domain - Logon 1. DHCP 2. AD Authentication 3. DDNS Access to Services through SINGLE Logon
Access through LDAP MS Domain – Active Directory Organizational Units (OUs) Objects – User – Computer – Printer – Share Folder – Contact – Group – Service Information (Exchange, Communication Server, etc.) Policies Applied Control
MS Domain - Services Auditing Communications Server RRAS Routing & Remote Access Server DBs SQL, MSDE WEB, FTP (IIS) SNMP Mail DNS Media Services File & Printing Sharing NFS Terminal Services WSUS