Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Copyright Nanda Ganesan1 CHAPTER NT Domains. © Copyright Nanda Ganesan2 Chapter Objectives Give an overall picture of the NT networking architecture.

Published byEsmond Cannon Modified over 8 years ago

Similar presentations

Presentation on theme: "© Copyright Nanda Ganesan1 CHAPTER NT Domains. © Copyright Nanda Ganesan2 Chapter Objectives Give an overall picture of the NT networking architecture."— Presentation transcript:

1 © Copyright Nanda Ganesan1 CHAPTER NT Domains

2 © Copyright Nanda Ganesan2 Chapter Objectives Give an overall picture of the NT networking architecture Explain the concept of domain Describe the different domain models Examine the role of the main constituents, namely the users, in the domain Discuss various types of user accounts –Group, built-in etc

3 © Copyright Nanda Ganesan3 Chapter Modules Windows NT Network Architecture An Overview of Domains Domain Models An Overview of Group and User Accounts Built-in User and Group Accounts

4 4 MODULE Windows NT Network Architecture

5 © Copyright Nanda Ganesan5 Module Objectives Microsoft network architectures The workgroup The domain A servers role in a domain A typical domain Domain architecture with fault tolerance Domain architecture with multiple server types

6 © Copyright Nanda Ganesan6 MS Network Architectures Workgroup based architecture Domain based architecture Active Directory

7 © Copyright Nanda Ganesan7 Workgroup Peer-to-Peer architecture Each workstation maintains its own Security Account Manager (SAM) database Examples: –Windows 95 –Windows for Workgroup Usage –Low cost peer-to-peer applications Mostly share-level control

8 © Copyright Nanda Ganesan8 Domain Client-Server architecture Contains at least one server and workstations Security Account Manager(SAM) database –Maintained on a server designated to be a domain controller Share-level as well as user-level controls are possible

9 © Copyright Nanda Ganesan9 The Role of a Server in a Domain Primary Domain Controller (PDC) Backup Domain Controller (BDC) Stand-alone Server

10 © Copyright Nanda Ganesan10 A Typical Domain PDCClient Server

11 © Copyright Nanda Ganesan11 A Domain Architecture with Fault Tolerance PDCBDC Client SAM Copy of SAM

12 © Copyright Nanda Ganesan12 Domain Architecture with All Three Types of Servers PDCBDC ServerClient Stand-alone

13 © Copyright Nanda Ganesan13 END OF MODULE

14 14 MODULE An Overview of Domains

15 © Copyright Nanda Ganesan15 Module Objectives Domain defined A simple domain Multiple domains Trust: The binding between domains A simple example of trust

16 © Copyright Nanda Ganesan16 Domain Defined Grouping of users Grouping of resources Definition of Access Rights and Access Controls

17 © Copyright Nanda Ganesan17 A Simple Domain Domain Users/ Administrators Resources

18 © Copyright Nanda Ganesan18 Large Network Multiple Domains Domain A Domain B Domain C

19 © Copyright Nanda Ganesan19 Trust: The Binding Between Domains The binding factor of multiple domains Domains can trust one another A user from a trusted domain can enter a trusting domain without authentication

20 © Copyright Nanda Ganesan20 Trust: A Simple Example Domain ADomain B Trust Domain B trusts domain A. Users entering Domain A can enter Domain B without further validation.

21 © Copyright Nanda Ganesan21 END OF MODULE

22 22 MODULE Domain Models

23 © Copyright Nanda Ganesan23 Module Objectives Major NT domain models A single domain model Constituents of a domain Users and resources Need for multiple domains Master domain model Multiple master domain model The complete trust model

24 © Copyright Nanda Ganesan24 NT Domain Models Single Domain Master Domain Multiple-Master Domain Complete Trust

25 © Copyright Nanda Ganesan25 A Simple Example of a Single Domain PDCClient Server Domain A Administrator User

26 © Copyright Nanda Ganesan26 Basic Constituents of a Domain Users Resources

27 © Copyright Nanda Ganesan27 Users and Resources Users and administrators can be of different types –Administrators, server operators, domain users etc. Resources can be of different types –Workstations, printers, modems etc.

28 © Copyright Nanda Ganesan28 Need for Multiple Domains Single Domain –Manageable number of users –Facilitates simple and centralized management Move to Multiple Domain –Slow response due to a large number of users in a single domain –If multiple domains are desired due to modular organizational structure

29 © Copyright Nanda Ganesan29 Master Domain Model Domain A (Master) Domain B (Trusting) Domain C (Trusting)

30 © Copyright Nanda Ganesan30 Master Domain Characteristics Centralized control of security Flexibility to manage locally Browsing load is distributed among the domains Master domain limitation may require expansion to the next model –Limited to 26,000 users for instance

31 © Copyright Nanda Ganesan31 Multiple Master Domain Model Domain A (Master) Domain B (Master) Domain D (Trusting) Domain C (Trusting)

32 © Copyright Nanda Ganesan32 Multiple Master Domain Characteristics The same advantages as the Master Domain model –Centralized security –Flexibility to manage the resources locally –etc. Advantage of being able to expand to cover a larger Enterprise Disadvantage of becoming complicated with too many domains and trust relationships

33 © Copyright Nanda Ganesan33 The Complete Trust Model Domain A (Master) Domain B (Master) Domain D (Trusting) Domain C (Trusting)

34 © Copyright Nanda Ganesan34 The Complete Trust Model Characteristics Flexible operation –Reduces the load on any one or more master domain No centralized control on security –Hence, this model is not the model of choice by the IS departments

35 © Copyright Nanda Ganesan35 END OF MODULE

36 36 MODULE An Overview of Group and User Accounts

37 © Copyright Nanda Ganesan37 Module Objectives User participation in domains User rights and access to resources Restrictions on usage of resources Types of user accounts and groups Global groups Local groups Global user accounts Local user accounts

38 © Copyright Nanda Ganesan38 User Participation in Domains A user account basically specifies a user’s access rights to the resources Accounts can be individual user accounts or group accounts The scope can be global or local in the case of user accounts

39 © Copyright Nanda Ganesan39 User Rights and Access to Resources Account Resource User Resource

40 © Copyright Nanda Ganesan40 Restrictions User Resource Restriction on user account.Restriction on resource.

41 © Copyright Nanda Ganesan41 Types of User Accounts and Groups Groups –Global –Local User Accounts –Global –Local

42 © Copyright Nanda Ganesan42 Global Groups Constitute user accounts created in any one domain –It cannot contain users from any other groups or domains Users in a Global Group can be assigned privileges in the following: –Domain of creation –Trusting domain

43 © Copyright Nanda Ganesan43 Global Group Privileges Domain A Domain B Trust Privileges Global Group

44 © Copyright Nanda Ganesan44 Local Groups Can be assigned privileges only in the domain in which they were created May contain both local users and global groups One of the purposes is to manage access to local resources locally

45 © Copyright Nanda Ganesan45 Global User Accounts User accounts that can be used in domains other than those in which they were created –Through trust relationships In multi-domain models Global User accounts are desirable

46 © Copyright Nanda Ganesan46 Local User Accounts Originate largely in a non-NT network environment –Novell NetWare Confined to the domain in which they are created with the exception of inclusion in global and local groups Enables accounts created in NetWare, IBM LAN Server etc. to participate in Windows NT networking

47 © Copyright Nanda Ganesan47 END OF MODULE

48 48 MODULE Built-in User and Group Accounts

49 © Copyright Nanda Ganesan49 Module Objectives An overview of built-in groups An overview of built-in users Domain administrator Account operator User Domain user Assignment of user account

50 © Copyright Nanda Ganesan50 Built-in Groups Administrator Domain Administrator Backup Operator Server Operator Account Operator Print Operator Power Users

51 © Copyright Nanda Ganesan51 Built-in Users Cont. Users Domain Users Guests Domain Guests Replicator

52 © Copyright Nanda Ganesan52 Domain Administrator Entrusted with all the administrative functions Access to nearly all the resources and user accounts Automatically included in all the trusting domains

53 © Copyright Nanda Ganesan53 Account Operator Create, delete and modify most user accounts Exception in controlling user accounts –Administrators and operators of different types such as server operators etc. User rights cannot be assigned by account operators

54 © Copyright Nanda Ganesan54 User Most users fall into this category They access resources on the domain

55 © Copyright Nanda Ganesan55 Domain User Constitute all user accounts in a domain They can be included in other domains in a multi-domain network

56 © Copyright Nanda Ganesan56 Assignment of User Accounts Each account has its own set of pre- defined privileges In most cases, a user may be conveniently assigned to a built-in account type Additional modifications may be carried out as needed

57 © Copyright Nanda Ganesan57 END OF MODULE END OF CHAPTER

Download ppt "© Copyright Nanda Ganesan1 CHAPTER NT Domains. © Copyright Nanda Ganesan2 Chapter Objectives Give an overall picture of the NT networking architecture."

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Chapter 7 LAN Operating Systems LAN Software Software Compatibility Network Operating System (NOP) Architecture NOP Functions NOP Trends.

Chapter 7 LAN Operating Systems LAN Software Software Compatibility Network Operating System (NOP) Architecture NOP Functions NOP Trends.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Administering Active Directory

Administering Active Directory
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.

Chapter 8: Network Operating Systems and Windows Server 2003-Based Networking Network+ Guide to Networks Third Edition.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS

ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Lesson 17. Domains and Active Directory. Objectives At the end of this Presentation, you will be able to:

Similar presentations

Ads by Google