
Review on Active Directory

Aim
- Enable users to find network resources easily
- Central and easy administration of users and resources in a domain
- Improve security by controlling access to resources and by placing restrictions on user and computer configuration

Structure
- Hierarchical structure
- Forest
- Tree

Necessary components
- Domain controller(s): the central repository of the domain, which also provides access control
- DNS server for locating resources
- Other computers: servers and workstations added to the domain by the domain administrator

Protocols used
- Kerberos for network authentication
- Lightweight Directory Access Protocol (LDAP) to provide directory service (to get information about objects)

Information obtained from LDAP

Entry in AD

    dn: cn=John Doe,dc=example,dc=com
    cn: John Doe
    givenName: John
    sn: Doe
    telephoneNumber:
    telephoneNumber:
    mail:
    manager: cn=Barbara Doe,dc=example,dc=com
    objectClass: inetOrgPerson
    objectClass: organizationalPerson
    objectClass: person
    objectClass: top

Search information in AD

Group Policy
- Rules that define settings for either users or computers
- Hundreds of settings can be defined
- Each setting has 3 possible states:
  - Not configured
  - Disabled
  - Enabled

Group Policy Apply to

Property of Group Policy
- Policy settings are inherited by child containers
- A container can have multiple policies applied to it
- Which policy setting comes into effect depends on the precedence of the policy
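How the three states, inheritance and precedence combine into one effective setting, as an added example that is not part of the original slides. It is a simplified model: the container names, GPO names and setting names are constructed, and enforced links, blocked inheritance, and local and site policies are left out.

```python
# Simplified model of Group Policy precedence. All names below are constructed.
NOT_CONFIGURED, DISABLED, ENABLED = "Not configured", "Disabled", "Enabled"

# GPO name -> {setting: state}
GPOS = {
    "Domain Baseline":  {"usb_storage": DISABLED, "hide_control_panel": DISABLED,
                         "screen_lock": ENABLED},
    "Staff Defaults":   {"hide_control_panel": NOT_CONFIGURED, "screen_lock": ENABLED},
    "Kiosk Lockdown":   {"hide_control_panel": ENABLED, "screen_lock": ENABLED},
    "Kiosk Exceptions": {"screen_lock": DISABLED},
}

# Container -> linked GPOs in link order (first entry = highest precedence).
LINKS = {
    "example.com": ["Domain Baseline"],
    "OU=Staff":    ["Staff Defaults"],
    "OU=Kiosks":   ["Kiosk Lockdown", "Kiosk Exceptions"],
}

# Containers from the domain down to the one that holds the object.
KIOSK_PATH = ["example.com", "OU=Staff", "OU=Kiosks"]


def effective_settings(container_path, links=LINKS, gpos=GPOS):
    """Return {setting: (state, winning GPO)} for an object in the last container."""
    result = {}
    for container in container_path:          # parents first, so child containers win
        # Apply the highest-precedence link last so that it overwrites the others.
        for name in reversed(links.get(container, [])):
            for setting, state in gpos[name].items():
                if state != NOT_CONFIGURED:   # "Not configured" never overrides
                    result[setting] = (state, name)
    return result


if __name__ == "__main__":
    for setting, (state, source) in sorted(effective_settings(KIOSK_PATH).items()):
        print(f"{setting}: {state} (from {source})")
```
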

Group Policy Management Tool
- Download from Microsoft for easy management of group policy

Log on Procedure
- Authentication
  - User at log on
  - Computer at machine start
- Issue of Access Token
  - AD gathers all group policy applied to the user and computer and returns a list of SIDs to the user's computer
  - The LSA uses the SIDs to form an access token

Content of Access Token
- To show identity and privilege
- Name
- SID of user
- Groups
- SID of groups the user belongs to
- Logon SID (valid for a certain duration)

Request for use of network resources
- Authenticate the user's request by comparing the Access Token to the Security Descriptor of an object

Content of Security Descriptor
- SID of owner
- SID of group (seldom used in Windows)
- DACL
  - SID, Rights
  - Deny on top
- System ACL
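The comparison of an access token against a DACL, and the reason deny entries go on top, as an added example that is not part of the original slides. It is a simplified model of the access check: the SIDs, rights bits and sample DACL are constructed, and owner rights, inheritance and the System ACL are left out.

```python
# Simplified model of the access check. All SIDs and ACEs below are constructed.
from dataclasses import dataclass
from typing import Optional

READ, WRITE = 0x1, 0x2

@dataclass(frozen=True)
class Ace:
    kind: str   # "deny" or "allow"
    sid: str    # SID the entry applies to
    mask: int   # rights covered by the entry

@dataclass
class SecurityDescriptor:
    owner: str
    dacl: Optional[list]   # None models an object with no DACL at all

@dataclass
class AccessToken:
    user_sid: str
    group_sids: frozenset

def canonical_order(dacl):
    """Move deny ACEs ahead of allow ACEs ("deny on top"), keeping relative order."""
    return sorted(dacl, key=lambda ace: ace.kind != "deny")

def access_check(token, sd, desired):
    """Walk the DACL in stored order; the first decisive ACE wins."""
    if sd.dacl is None:
        return True                       # no DACL: access is not restricted
    sids = {token.user_sid} | set(token.group_sids)
    remaining = desired                   # rights not yet granted
    for ace in sd.dacl:
        if ace.sid not in sids:
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False                  # a still-needed right is denied
        if ace.kind == "allow":
            remaining &= ~ace.mask
        if remaining == 0:
            return True
    return False                          # nothing granted it: implicit deny

STAFF = "S-1-5-21-1000-2000-3000-1201"        # constructed group SID
CONTRACTORS = "S-1-5-21-1000-2000-3000-1202"  # constructed group SID
OWNER = "S-1-5-21-1000-2000-3000-1101"        # constructed user SID
TOKEN = AccessToken("S-1-5-21-1000-2000-3000-1105",
                    frozenset({STAFF, CONTRACTORS}))
# Misordered DACL: the allow entry precedes the deny entry.
ALLOW_FIRST = [Ace("allow", STAFF, READ | WRITE), Ace("deny", CONTRACTORS, WRITE)]

if __name__ == "__main__":
    for label, dacl in (("allow first", ALLOW_FIRST),
                        ("deny on top", canonical_order(ALLOW_FIRST))):
        sd = SecurityDescriptor(OWNER, dacl)
        print(label, "-> WRITE granted:", access_check(TOKEN, sd, WRITE))
```

With the misordered DACL the allow entry grants WRITE before the deny entry is reached, which is the failure that "deny on top" ordering prevents.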

Update of Access Token
- Every 30 minutes or as set in the group policy

Samples of Group Policy
- A package called Common Scenario provided by Microsoft
  - Lightly managed
  - Mobile
  - Multi-user
  - App station
  - Task station
  - Kiosk