Introduction to Active Directory December 10th, 2008 1-3pm Daniels 407.

Slides:

Advertisements

Similar presentations

Auditing Microsoft Active Directory

Advertisements

Ljubomir Ivaniš CPU d.o.o.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

WSUS Presented by: Nada Abdullah Ahmed.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

NREL is a national laboratory of the U.S. Department of Energy Office of Energy Efficiency and Renewable Energy operated by the Alliance for Sustainable.

WIN.MIT.EDU  Where are we today  Related services  Current enhancements  Some future enhancements  SharePoint  Panel Discussion.

Understanding Group Policy on Windows Server 2003.

Module 5: Creating and Configuring Group Policy

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 8 Introduction to Printers in a Windows Server 2008 Network.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

Understanding Active Directory

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

11 SYSTEMS ADMINISTRATION AND TERMINAL SERVICES Chapter 12.

Group Policy in Microsoft Windows Active Directory.

(ITI310) By Eng. BASSEM ALSAID SESSIONS

4/20/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Active Directory: OU Administration December 17th, pm Daniels 407.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

GROUP POLICY An overview of Microsoft Windows Group Policy.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 3: Introducing Active Directory.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

IT:Network:Microsoft Server 2 Chapter 27 WINDOWS SERVER UPDATE SERVICES.

WolfTech Active Directory: OU Administration June 30th, pm Daniels 407.

Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.

Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

A detailed look at the Microsoft Windows Infrastructure at UWE including Active Directory (AD), MIIS, Exchange, SMS, IIS, SQL Server, Terminal Services.

Active Directory Academic IT Directors December 6 th 2005.

Module 15: Manage the Windows ® Small Business Server 2008 Environment Using Group Policy.

Section 1: Introducing Group Policy What Is Group Policy? Group Policy Scenarios New Group Policy Features Introduced with Windows Server 2008 and Windows.

70-411: Administering Windows Server 2012

11 MANAGING AND DISTRIBUTING SOFTWARE BY USING GROUP POLICY Chapter 5.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

Workstation Imaging Process Overview Thomson Reuters –Manoj Shah –Mike Bowers –Curt Ricard –Sangkhone Stoltz –Joe Ness March 26 th, 2009.

Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.

Module 7 Configure User and Computer Environments By Using Group Policy.

Active Directory Maryam Izadi. Topics Covered NT Vs 2000/2003 Active Directory LDAP MMC.

1 Windows 2008 Configuring Server Roles and Services.

1 Administering Shared Folders Understanding Shared Folders Planning Shared Folders Sharing Folders Combining Shared Folder Permissions and NTFS Permissions.

GPO - WINDOWS SERVER AGENDA: Introduction Group Policy Overview Types of Group Policies/Objects Associated Technologies How to implement.

4. Managing the Desktop Thomas Lee Chief Technologist – QA plc.

Module 5: Implementing Group Policy

 Identify Active Directory functions and Benefits.  Identify the major components that make up an Active Directory structure.  Identify how DNS relates.

Module 5: Creating and Configuring Group Policies.

Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.

11 PLANNING A GROUP POLICY MANAGEMENT AND IMPLEMENTATION STRATEGY Chapter 10.

Managing Applications, Services, Folders, and Libraries Lesson 4.

Week 4 Objectives Overview of Group Policy Group Policy Processing Implementing a Central Store for Administrative Templates.

1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management.

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

Module 6 Creating and Configuring Group Policy. Module Overview Overview of Group Policy Configuring the Scope of Group Policy Objects Evaluating the.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

Managing Servers Lesson 10. Skills Matrix Technology SkillObjective DomainObjective # Using Remote DesktopPlan server management strategies 2.1 Delegating.

1.1 Microsoft® Windows® 2003 Server Group Policy Management Prof. Abdul Hameed.

Introduction to Group Policy Lesson 7. Group Policy Group Policy is a method of controlling settings across your network. – Group Policy consists of user.

Windows Enterprise Services.  Introductions  UNM Directory Services  RSAT  Organizational Units (OU)  Active Directory Groups  Naming Convention.

Secure Connected Infrastructure

Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts.

Windows Server 2008 Administration

Presentation transcript:

Introduction to Active Directory December 10th, pm Daniels 407

What we are going to cover... The basics of Active Directory What AD is What AD isn't Tools Management Concepts Additional Services Q & A

Active Directory is... A directory service that provides the ability for centralized: Authentication Authorization Management Active Directory is based on LDAP. LDAP is an industry standard method to access information from a remote database. LDAP does not define what sorts of info are stored or how it should be stored, only how to access it. Any type of data can be stored in a properly constructed LDAP service. In fact, Active Directory Application Mode is just a stand-alone LDAP server. Active directory stores copies of it's data on several Domain Controllers (DC's). If one fails, services are still available.

Tools Remote Server Administration Toolkit (RSAT) includes: Active Directory Users and Computers (ADUC) Group Policy Management Console (GPMC) Group Policy Editor DFS Management Console Print Managment Console Domain-wide Administration: Active Directory Sites and Services Active Directory Domains and Trusts

AD Objects Organizational Units Users Computers Groups Links (publishing): Shares Print Shares

What AD isn't A 100% solution A desktop environment Microsoft only The same as Novell 100% Automatable A true identity management system Perfect

Authentication Native: Kerberos (Version 5) NTLMv2 LDAP Smart Cards/Certificates Extendable to include: Biometrics Client machines authenticate as well, not just user accounts Supports dual factor authentication Mac, Linux clients can auth against AD

Trusts Trusts don't imply any sort of authorization or rights assignment. If Domain "A" trusts Domain "B" all it implies is that accounts from "B" can be used in "A" No rights assignments of any kind are made automatically. This makes it possible to access resources in multiple domains using a single account. Trusts: Intra-Forest Inter-Forest Cross Realm

Authorization Delegation Wizard Types of Permissions: Directory o GPO's o Manage Groups Machine o Local/Remote Login o User vs. Admin o Group Policy allows setting any local permission Groups are key to any good permissions model *AD supports Nested Groups*

Management Concepts Domain Structure o OU structure o User/Computer Locations o Grouping Strategy Group Policy o Linking o Filtering  Groups  WMI Filters o Starter GPO's o Copying GPO's o Group Policy Modelling

Policies vs. Preferences Policies: o Policies usually cannot be changed by end user o Configuring IE o Deploying Software o Configuring Desktop Experience Preferences: o End user override optional per setting o Pushing Files/Reg Keys/Shortcuts o Item-Level Targeting Both have User and Computer Settings Loopback - Process User settings using Computer location

Group Policy Examples Remote Assistance - Policy Remote Administration - Policy Configure Wireless - Policy Configure Firewall - Policy Deploy Printers - Policy or GPP Deploy Startup/Shutdown/Logon/Logoff Scripts - Policy or GPP Deploy Software (.msi's) - Policy Deploy Scheduled Tasks - GPP Mapped Drives - GPP Power Settings - GPP

Windows Server Update Services (WSUS) Unified Patch Management for MS Products - FREE Apply patches based on grouping o Server side groups o *Client Side Targeting via Group Policy* Types of Patches: o Service Packs/Security Patches/Bugfixes o Drivers o Defender definitions o Office Patches/Service Packs o Add-ons: Windows Media, Silverlight, GPP, etc. o Server Products: SQL, IIS Ability to back out patches per group of machines (not always supported by the patches)

Distributed File System (DFS) DFS is a Network File System Core CAL Required Roots (Namespaces) o Delegation Folders o Create Arbitrary structure Targets o Where the files are Multi-Master Replication

Windows Distribution Services (WDS) Replaces Remote Installation Services (RIS) Core CAL Required Imaging for XP/Vista/2K3 Server/2K8 Server Uses PXE for medialess install Uses WinPE (think Vista on a CD) as install environment Can have a library of drivers GUI tools for setting up: o Post-install scripts o Joining a domain

Additional Services Core CAL Required (NCSU has a Site License!): Certificate Services - PKI File Services (Clustering, iSCSI) Print Services IIS / Webdav Sharepoint Services 3.0 Additional stuff we don't use: DNS/DHCP Additional CAL Required: Terminal Services

Questions?