Published by Gabriel Lee. Modified over 6 years ago.
1
Demonstrations of Interoperability with Windows 2000
Presented by Brad Waller
2
Presentation Contents
During this presentation we will:
- Discuss the fundamentals of Windows 2000 Active Directory
- Explore the full capabilities of Windows 2000 and Windows XP clients as members of a Windows 2000 domain
- Examine some interoperability options between Active Directory and UNIX
3
Presentation Contents (cont’d)
- Examine some interoperability options between Active Directory and Novell Netware 5.0
- Access a Novell Netware 5.0 server using the Novell Windows Client
- Explore integration of Macintosh clients in a Windows 2000 Active Directory environment
4
Learning Tree International
An independent technical training organization Web: Phone: THE-TREE
5
Convergent Technology Alliance
- An independent technical consulting company
- We provide customized technical consulting services and technology solutions
- Please take one of our brochures for a more complete description of our capabilities
- Web:
6
Introducing Your Presenter
- Current position and job responsibilities
- Background in computer technology
7
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
8
Active Directory Overview
- Active Directory (AD) is Microsoft’s latest version of directory services in Windows 2000
  - Replaces and greatly extends the Windows NT 4.0 Security Accounts Manager (SAM) database
  - Available on every version of Windows 2000 Server
- AD is a collection of networked services and distributed databases that contain your enterprise’s configuration information
- Entities like users, groups, computers and resources are represented by logical objects stored in the AD database
9
An Active Directory Blue Print
10
Active Directory Logical Components
- The logical structure of AD provides a method for designing a hierarchy that makes sense to users and those who manage it
- The logical structure is used to organize all your network resources
- The logical AD structure includes these objects: Domains, Organizational Units, Trees and Forests
11
Active Directory Physical Structure
- AD physical structure helps to configure and manage network traffic and the logon process
  - It defines where and when AD replication and user logon traffic occur
- The physical structure of AD is composed of Sites and Domain Controllers
  - Sites are the equivalent of IP subnets
  - Domain Controllers host the Active Directory database and associated services
12
Active Directory Supported Technologies
- AD is specifically designed to interoperate with a variety of other industry standard directories, services and namespaces including:
  - DNS, DHCP, LDAP, Kerberos, X.509 Certificates, WINS, SNTP, NDS, NFS, SAM and more…
- TCP/IP is required as a network transport
  - Additional transport protocols are supported
13
ACTIVE DIRECTORY DEMONSTRATION
14
Demo Roadmap Active Directory
15
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
16
Windows 2000/XP Professional
- For access to all AD/Windows 2000 capabilities, clients must be running Windows 2000 or Windows XP Professional
  - The home version of XP doesn’t support domains
- Windows XP Professional provides very little increased domain functionality over Windows 2000 Professional
  - Most of XP’s enhancements are primarily cosmetic
17
IntelliMirror
- IntelliMirror is a set of technologies integrated into and exclusively accessible to Windows 2000
- Designed to increase availability and reduce the overall cost of supporting Windows 2000 clients
- The core of IntelliMirror consists of 3 features:
  - User Data Management
  - Software Installation and Maintenance
  - User Settings Management
- Remote Windows 2000 Professional operating system installation is also supported
18
IntelliMirror Features, Benefits and Supported Technologies
19
WINDOWS 2000 CLIENT DEMONSTRATION
20
Demo Roadmap Active Directory Windows 2000 Professional
21
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
22
Windows to UNIX Integration
- Windows 2000 provides some UNIX integration right out of the box
  - Print to and from UNIX (lpr, lpd)
  - FTP, HTTP, Telnet server and client
  - Lightweight Directory Access Protocol (LDAP)
    - Protocol to access the Active Directory database
  - Kerberos v5 authentication
- A Windows add-on can be purchased from Microsoft that extends this default capability
  - Known as “Windows Services for UNIX” (SFU)
23
Windows Services for UNIX v3.0
- SFU provides services for integrating Windows servers and clients into UNIX-based environments
- Cost is $99, also available as a 120-day evaluation
- Runs on Microsoft Windows NT 4.0, Windows 2000, and Windows XP Professional
- Does not work with Windows 9x, Windows ME, or Windows XP Home Edition
24
Windows Services for UNIX v3.0 (cont’d)
- SFU has been tested specifically with these UNIX versions only:
  - Solaris 2.7, HP-UX 11, IBM AIX and Red Hat Linux 7.0
  - But it should run on all UNIX variants
- Provides an NFS client, NFS server, C shell and KornShell command line environments
- Access to 60 UNIX commands
- 2-way password synchronization with complexity enforcement
25
Interix
- Interix is a native Windows 2000 subsystem that allows application and script migration from UNIX to Windows
  - Runs on the Windows 2000 kernel
  - Included with SFU
- Interix provides a complete environment for UNIX-based apps
  - Over 300 tools and utilities
  - Interix SDK accesses over 1900 UNIX API functions
- All SDKs are available for free download from various Microsoft websites and search on “SDK”
26
Kerberos v5
- Kerberos is the primary authentication protocol in a Windows 2000 domain environment
- AD supports interoperability with other security services based on the MIT Kerberos v5 reference standard
  - Kerberos test utilities are in the Windows 2000 SDK
- With minor configuration changes, Windows 2000/XP clients can authenticate to a UNIX Kerberos realm
  - The configuration changes help a Microsoft client locate the UNIX Kerberos authentication server
  - Configuration utilities are on the Windows 2000 Server CD in the \support\reskit\netmgmt\security folder
27
Kerberos v5 (cont’d)
- Windows 2000 Domain Controllers can serve as the Key Distribution Center (KDC) server for MIT Kerberos-based client systems
  - UNIX clients can use the kinit command and authenticate to the Windows 2000 domain
- There are some known Kerberos interoperability limitations:
  - Only DES-MD5 and DES-CRC encryption is available
  - Hierarchical trusts between Windows 2000 and Kerberos realms are not supported
  - Microsoft’s KDC does not support post-dated tickets
  - User/administrator accounts must have the password changed before UNIX Kerberos clients can use them
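Added example, not part of the original slides: a check for the DES-only interoperability settings listed above, which RFC 6649 has since deprecated for Kerberos. It scans the [libdefaults] section of an MIT-style krb5.conf for single-DES enctypes; the sample configuration, realm and host names are constructed.

```python
import re

# Single-DES enctypes: the only ones the slide lists as available between
# Windows 2000 and MIT Kerberos ("des" is MIT's alias for the DES family).
WEAK_DES = {"des-cbc-crc", "des-cbc-md5", "des-cbc-md4", "des"}
ENCTYPE_KEYS = ("default_tkt_enctypes", "default_tgs_enctypes", "permitted_enctypes")

# Constructed sample: a UNIX client pinned to DES for a Windows 2000 KDC.
SAMPLE = """\
[libdefaults]
    default_realm = EXAMPLE.COM
    allow_weak_crypto = true
    default_tkt_enctypes = des-cbc-md5 des-cbc-crc
    default_tgs_enctypes = des-cbc-md5 des-cbc-crc
    permitted_enctypes = aes256-cts-hmac-sha1-96 des-cbc-md5
[realms]
    EXAMPLE.COM = {
        kdc = dc1.example.com
    }
"""

def parse_libdefaults(text):
    """Return the key/value settings of the [libdefaults] section."""
    section, settings = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section = header.group(1).lower()
        elif section == "libdefaults" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings

def audit(text):
    """List findings about single-DES use in an MIT-style krb5.conf."""
    settings = parse_libdefaults(text)
    findings = []
    if settings.get("allow_weak_crypto", "false").lower() in ("true", "yes", "on", "1"):
        findings.append("allow_weak_crypto enabled")
    for key in ENCTYPE_KEYS:
        enctypes = set(re.split(r"[,\s]+", settings.get(key, "").lower())) - {""}
        weak = sorted(enctypes & WEAK_DES)
        if weak:
            scope = "DES only" if enctypes <= WEAK_DES else "DES permitted"
            findings.append(f"{key}: {scope} ({', '.join(weak)})")
    return findings
```

Calling `audit(SAMPLE)` returns one finding per weak setting; a configuration that lists only AES enctypes returns an empty list.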
28
- Microsoft clients access files and printers on a Microsoft server by using a proprietary protocol known as Server Message Block (SMB)
  - SMB was tweaked and renamed Common Internet File Sharing (CIFS) in Windows 2000
- Samba is a software suite that runs on a UNIX platform providing SMB file and print services to both UNIX and Windows clients
  - It’s a free download
29
SAMBA provides:
- An SMB server allowing access to files and printers on UNIX servers by Windows clients
- A standards-based NetBIOS Nameserver
- Microsoft browsing support
  - A Samba SMB server can be the master browser
- An ftp-like SMB client can access resources from UNIX on other operating systems
- An extension to the client that supports backups
30
UNIX DEMONSTRATION
31
Demo Roadmap Windows 2000 Professional UNIX Integration
32
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
33
Windows 2000 and Novell Netware
- Microsoft provides services in Windows 2000 to coexist and interoperate with Novell NetWare clients and servers
- NetWare clients access file and print services using Novell Core Protocol (NCP)
  - NCP is not compatible with Microsoft’s SMB
- Versions 4, 5 and 6 of NetWare support Novell Directory Services (NDS), a forerunner of Active Directory
- NetWare versions 2 and 3 provide directory services through the Bindery
- Organizations running both NDS and AD potentially have multiple directories to maintain
34
Default Capabilities
Out of the box Windows 2000 provides:
- NWLINK, an IPX/SPX-compatible protocol
- Client Services for NetWare (CSNW)
  - Allows client access to NetWare 3 and 4 servers
  - Runs on Windows 2000/XP Professional (requires NWLINK)
  - Doesn’t support NWAdmin
- Gateway Services for NetWare (GSNW)
  - Microsoft clients access the gateway using SMB
  - Gateway clients don’t require NWLINK
  - The gateway is an SMB to NCP translator
  - GSNW runs on Windows 2000 Server
  - NWLINK is required between the gateway and NetWare server
35
Services for NetWare
- Services for NetWare (SFN) is a Microsoft add-on consisting of 3 main components:
  - Microsoft Directory Synchronization Services (MDSS)
  - File Migration Utility (FMU)
  - File and Print Services for NetWare (FPNW)
- The full version of SFN is $149.00
36
Microsoft Directory Services Synchronization
- MDSS supports all major NetWare platforms
- It also includes support for IPX/SPX and TCP/IP network protocols
- Can deploy AD without replacing existing directories or the additional cost of managing two separate directories
- Provides 2-way NDS and 1-way bindery synchronization with NetWare 3.x and above
- Supports password synchronization and an NDS/Bindery directory migration service
37
Microsoft Directory Services Synchronization (cont’d)
- 2-way synchronization duplicates NDS in AD and AD in NDS
  - Dissimilar objects are mapped between directories
  - Directory updates are forwarded one to the other
  - Requires NDS schema modification to support AD GUIDs
- 1-way synchronization duplicates the Bindery in AD
  - Bindery updates are forwarded to AD but not the reverse
- Migration mode moves users, groups and containers out of NDS/Bindery and into AD
38
File Migration Utility
- FMU allows large amounts of file data to move from all versions of NetWare to Windows 2000
- Directory structures and security permissions are preserved
- Supports all major NetWare file systems and platforms
- Includes support for IPX/SPX and TCP/IP
39
File and Print Services for NetWare
- Enhances a NetWare network with Windows 2000 servers that look like a NetWare server to NetWare clients, users, and administrators
- Maintains a single logon for the clients
- FPNW emulates a NetWare 3.12 compatible file and print server
40
Novell’s Windows Client
- Novell’s Windows Client runs on the Windows 2000/XP platform and provides access to all NetWare services including NDS and Bindery
- Runs over TCP/IP and IPX/SPX
- Available as a free download from Novell
41
NETWARE DEMONSTRATION
42
Demo Roadmap Windows 2000 Professional Netware
43
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
44
Windows 2000 Services for Macintosh
- Services for Macintosh (SFM) runs on a Windows 2000 server
- Macintosh PCs need only a Macintosh OS to function as workstations in a Windows 2000 domain
- SFM consists of the following components:
  - File Services for Macintosh (MacFile)
  - Print Services for Macintosh (MacPrint)
  - Microsoft-User Authentication Module (MS-UAM)
- All SFM components are a free download at:
45
File Services for Macintosh “MacFile”
- MacFile allows Macintosh clients to access files stored on a Windows 2000 Server
- Files are accessible using either TCP/IP or AppleTalk
- An NTFS directory is designated as a “Mac-accessible volume”
- Legal file name and NTFS permissions are enforced
- Macintosh clients can also access some additional features provided by Windows 2000 Servers including:
  - NTFS File System Filters
    - Provides Disk Quotas and Encrypted File System (EFS) capabilities
  - Large volume support
  - Remote Access Services
    - Virtual Private Networks (VPN) are supported
46
Print Services for Macintosh “MacPrint”
- MacPrint allows Macintosh users to send print jobs to a spooler on a Windows 2000 Server
- Requires the installation of the AppleTalk protocol
- The print job is spooled on the server
  - Users can continue to work, rather than wait for their print jobs to complete
- Windows OS users can review the print jobs in the queue with Print Manager
47
Network Security
- SFM enforces security for Macintosh users in the same way it is enforced for Windows 2000 users
- The same user accounts and passwords are used by Windows 2000 and by Macintosh
- Kerberos authentication is not supported
- The standard Apple-UAM provides only minimal encryption; passwords could be intercepted
- And passwords can only be up to 8 characters
48
Microsoft-User Authentication Module (MS-UAM)
- MS-UAM provides secure authentication of Macintosh clients to Windows 2000 Servers running SFM
- Passwords can be up to 14 characters in length
- The latest version of MS-UAM includes support for NTLM v2 authentication and a MacOS X 10.1 compatible release
- Encryption is 128-bits strong
49
MACINTOSH DEMONSTRATION
50
Demo Roadmap Active Directory Macintosh
51
Presentation Roadmap: Active Directory, Windows 2000 Professional, UNIX Integration, Netware, Macintosh, Wrap-Up
52
Presentation Wrap-Up
In this presentation we will have:
- Discussed the fundamentals of Windows 2000 Active Directory
- Explored the full capabilities of Windows 2000 and Windows XP clients as members of a Windows 2000 domain
- Examined some interoperability options between Active Directory and UNIX
53
Presentation Wrap-Up (cont’d)
- Examined some interoperability options between Active Directory and Novell Netware 5.0
- Accessed a Novell Netware 5.0 server using the Novell Windows client
- Explored integration of Macintosh clients in a Windows 2000 Active Directory environment
54
Additional Information
- Supplemental information is available at our website
  - Download a file containing some of the key screen shots shown during the presentation
  - Download a copy of this PowerPoint presentation
- Web:
- Just click on the links
55
Demonstrations of Interoperability with Windows 2000
ANY QUESTIONS ???