© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.


References
Technical overview of Windows 2003 Active Directory
Introduction to Windows 2003 Active Directory in application mode
Windows 2003 Reviewer’s Guide

Agenda What is Active Directory Building an Active Directory Using Active Directory Features Active Directory Objects Auditing Active Directory

Group Names
Contributions made by
–Charles Guzman
–Daniel Gebretensai
–Ervand Akopyan
–Hovik Gharadaghi

Introduction to Active Directory

Overview of Active Directory
Directory service of the Windows server system
Stores information about network objects and makes the information available to administrators, users, and applications
Provides a single point of network management, allowing people to add, remove, and relocate users and resources easily
Integrated with the Internet’s hierarchical domain naming system

Active Directory Properties
Integration with DNS
Flexible querying
Information security
Simplified administration
Scalability

Object and Schema
Objects are the basic entities that constitute the Active Directory
–Each object has its own globally unique identifier (GUID)
Schema
–Describes the object classes
–Defines the attributes for the object classes

Structural Components
Object-based hierarchical structure with constructs
–Domains
–Trees
–Forests
–Trust relationships
–Organizational Units
–Sites

A Simple Active Directory Structure

Active Directory and DNS Integration

Tree
[Figure: Parent and child domains in a domain tree. Double-headed arrows indicate two-way transitive trust relationships.]

Forests
[Figure: One forest with three domain trees. The three root domains are not contiguous with each other, but EuropeRoot.com and AsiaRoot.com are child domains of HQ-Root.com.]

Internal Trusts in a Forest
[Figure: Shortcut trusts between Domains B and D, and between Domains D and 2.]

Trust Relationships
Transitive
Two-way
Shortcut trusts
External trusts

Trust Relationships

Organizational Units
[Figure: Intra-site replication with just one domain.]

Trust Relationships
[Figure: Intra-site replication with two domains and two global catalogs.]

Directory Protocols
Based on standard directory protocols
Interoperates with other protocols
Example: LDAP
–LDAP is used to add, modify, delete and query information stored in AD
–LDAP is to AD as SQL is to Oracle
–LDAP determines how a client can access the directory, perform operations within the directory and share directory data

Active Directory Security
Based on Kerberos
Supports multiple security configurations for cross-platform interoperability
–Clients: A domain controller will authenticate clients running RFC-1510 Kerberos. This includes clients running other operating systems.
–Unix clients and services: A Kerberos principal is mapped to a Windows 2000 user or computer account

Installation Of Active Directory

Requirements
The computer must be Windows 2k, 2k3 Server, Advanced Server or Datacenter Server.
At least one volume on the computer must be formatted with NTFS.
DNS must be active on the network prior to AD installation or be installed during AD installation.
DNS must support SRV records and be dynamic.
The computer must have IP protocol installed and have a static IP address.
The Kerberos v5 authentication protocol must be installed.
Time and zone information must be correct.

DCPROMO

Role of DNS
Clients use DNS to locate Active Directory controllers.
Servers and client computers register their names and IP addresses with the DNS server.
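
How a client turns the SRV records mentioned on the Requirements and Role of DNS slides into an ordered list of domain controllers to contact, as an added Python example that is not part of the original slides. The domain corp.example, the host names and the sample answers are constructed; the owner-name pattern is the one domain controllers register under _msdcs, and the ordering follows RFC 2782.

```python
import random

# Constructed sample answers for _ldap._tcp.dc._msdcs.corp.example
# (corp.example and all host names are hypothetical).
SAMPLE_ANSWERS = [
    "_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.",
    "_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 10 100 389 dc-dr.corp.example.",
    "_ldap._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 389 dc2.corp.example.",
]

def locator_name(domain, service="ldap"):
    """SRV owner name a client queries to find domain controllers."""
    return f"_{service}._tcp.dc._msdcs.{domain.rstrip('.').lower()}."

def parse_srv(line):
    """Parse one zone-file style SRV line into a dict."""
    owner, _ttl, rclass, rtype, prio, weight, port, target = line.split()
    if (rclass, rtype) != ("IN", "SRV"):
        raise ValueError(f"not an SRV record: {line!r}")
    return {"owner": owner.lower(), "priority": int(prio), "weight": int(weight),
            "port": int(port), "target": target.rstrip(".").lower()}

def order_targets(records, rng=random):
    """RFC 2782: lowest priority first, weighted random choice within a priority."""
    ordered = []
    for prio in sorted({r["priority"] for r in records}):
        pool = [r for r in records if r["priority"] == prio]
        while pool:
            pick = rng.uniform(0, sum(r["weight"] for r in pool))
            running = 0
            for chosen in pool:
                running += chosen["weight"]
                if running >= pick:
                    break
            ordered.append(chosen)
            pool.remove(chosen)
    return ordered

def unexpected_targets(records, domain):
    """Targets outside the domain's namespace, worth reviewing in a dynamic zone."""
    suffix = "." + domain.rstrip(".").lower()
    return [r["target"] for r in records if not r["target"].endswith(suffix)]

if __name__ == "__main__":
    recs = [parse_srv(line) for line in SAMPLE_ANSWERS]
    assert all(r["owner"] == locator_name("corp.example") for r in recs)
    for r in order_targets(recs):
        print(r["priority"], r["weight"], f'{r["target"]}:{r["port"]}')
    print("outside namespace:", unexpected_targets(recs, "corp.example"))
```

Because the zone accepts dynamic registrations, the last function is the kind of review an administrator can run over an exported zone to spot locator records that point outside the expected namespace.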

Managing Active Directory

Creating a Child Domain

Requirements Existing Domain Member Server

Managing Objects in Active Directory

Frequently Managed Objects
Users
Computers
Groups

Managing Users

Managing Computers

A Client Joining a Domain

Managing Groups

Group Policy Feature
Defines the various components of the user’s desktop environment that an administrator must manage
Applies not only to users and client computers but also to member servers, domain controllers, and other 2003 servers in the scope of management

Group Policy cont’d
Manage registry-based policy with Administrative Templates
Assign scripts. This includes scripts such as computer startup, shutdown, logon, and logoff
Redirect folders, such as My Documents and My Pictures, from the Documents and Settings folder on the local computer to network locations

Configuring a Custom Console

Adding a Group Policy Object

Auditing

Audit related functional activities

Some Auditable Activities
Account logon and logon events
Object access
Account management
Directory service access
Policy change
System events
Process tracking
Privilege

Some Auditing Functions
Logon/Logout
User access to resources
–File, folder, registry key, printer etc.
Account management
–Create users and groups, modify membership, change password etc.
System events
–Service start/stop
Directory service access
–Users’ access to Active Directory objects

The list of auditing options


The End