1. Active Directory Domain Services Borislav Varadinov Telerik Software Academy academy.telerik.com System Administrator bobi@itp.bg

2.  Domains and Forests  Objects  Sites and Replication  Operation Masters 2

3. 3 Active Directory Domains and Forests Active Directory Domains and Forests

4. What is a Domain Controller?  Manages the Active Directory Objects and Database  Responds to security authentication requests  Replicates information from other domain controllers  Provides information for various network resources  Can be Writable or Read Only 4 UserPass JohnP@sswOrd Jane12345 AD DB OBJECT

5. What is a Domain? 5 AD DB AD DB AD DB  Boundary of Replication  Boundary of Administration  Boundary of DNS Namespace Replication MyCorporation.local

6. What is a Forest?  All Domains in a Forest share:  Schema  Configuration  Global Catalog  The forest is also considered as a security boundary 6 BeraXo.local USA.BeraXo.local BeraXoConsultancy.org

7. Schema  Attributes  Username  Description  Location  Classes  User  Computer  Contact 7 Username Password Address Email User Contact Name

8.  Schema  Definitions of object classes and attributes  Replicated to all DCs in the forest  Configuration  AD Structure (domains, sites, etc.)  Replicated to all DCs in the forest  Domain  Domain specific objects (users, groups, computers, and OUs)  Replicated to all DCs in a domain  Application Partitions 8

9. Global Catalog  Partial Replica of all Objects in the Forest  Configurable subset of Attributes  Fast Forest-wide searches  Required at Logon for Universal Group Membership  Win2k3 – Universal Group Caching 9

10. Trusts 10 BeraXo.local USA.BeraXo.local PartnerCorp.local External or Forest  Provides access to resources located on a domain in a separate forest  Trust options  Direction  Transitivity Child Type Parent/Child External Forest Shortcut Realm

11. Active Directory and DNS  The DNS Service is an essential part of Active Directory  Active Directory cannot work without DNS Service (Even on a single server)  Active Directory and DNS share identical domain name  Domain Controller locator process rely on DNS  DNS Service can store its data in Active Directory 11

12. Active Directory Integrated DNS Zone  SRV Records to locate services  LDAP  Kerberos  Other  Active Directory-integrated DNS  DDNS for Dynamic Update  Single replication topology  Multi-master replication  Secure Dynamic update 12

13.  LDAP  Kerberos  NTLM  RPC  DNS 13 DSA LDAP NTLM Kerberos DNS RPC Replication Windows OS Extensible Storage Engine

14. Active Directory Objects Objects

15. 15 John

16. Domain Groups   Type   Security   Distribution   Scope   Domain Local   Global   Universal 16 HR Department John Bill Kelly

17. 17

18. Organizational Units   Containers within Domains  Organizes users, groups and other objects  Represents departments or geographic regions   Main uses:   Organization   Delegation   Policies 18 Users Sales IT

19. Domain Security Principles   Users   Groups   Computers   Built-in Security Groups   Administrators   Backup Operators   Users   Power Users   Print Operators 19

20. Active Directory Sites and Replication Active Directory Sites and Replication

21. Active Directory Sites  What is a Site?  A set of well-connected IP subnets  Site Usage  Locating Services  Replication  Group Policy Application  Sites are connected with Site Links  Connects two or more sites 21

22. 22

23. 23

24.  Conflict resolution  Operation Masters 24

25. Operation Master

26.  What is an Operation Master?  Why we need Operation Masters? 26

27.  Forest-Wide  Schema Master  Domain Naming Master  Domain-Wide  Primary Domain Controller (PDC)  Relative Identifier (RID)  Infrastructure Master 27

28.  Performs updates to schema  Sends updates to all DCs  One per forest  Default is the first DC installed 28

29.  Performs add/remove of domains and cross- references to external DS  One per forest  Default is the first DC installed 29

30. Install Active Directory  Dcpromo  DNS  Management Tools 30

31. форум програмиране, форум уеб дизайн курсове и уроци по програмиране, уеб дизайн – безплатно програмиране за деца – безплатни курсове и уроци безплатен SEO курс - оптимизация за търсачки уроци по уеб дизайн, HTML, CSS, JavaScript, Photoshop уроци по програмиране и уеб дизайн за ученици ASP.NET MVC курс – HTML, SQL, C#,.NET, ASP.NET MVC безплатен курс "Разработка на софтуер в cloud среда" BG Coder - онлайн състезателна система - online judge курсове и уроци по програмиране, книги – безплатно от Наков безплатен курс "Качествен програмен код" алго академия – състезателно програмиране, състезания ASP.NET курс - уеб програмиране, бази данни, C#,.NET, ASP.NET курсове и уроци по програмиране – Телерик академия курс мобилни приложения с iPhone, Android, WP7, PhoneGap free C# book, безплатна книга C#, книга Java, книга C# Николай Костов - блог за програмиране http://academy.telerik.com

32.  "Web Design with HTML 5, CSS 3 and JavaScript" course @ Telerik Academy  html5course.telerik.com html5course.telerik.com  Telerik Software Academy  academy.telerik.com academy.telerik.com  Telerik Academy @ Facebook  facebook.com/TelerikAcademy facebook.com/TelerikAcademy  Telerik Software Academy Forums  forums.academy.telerik.com forums.academy.telerik.com