5/8/2006 pmarquez/Active Directory 1 Windows Server 2003 Active Directory CS526 Semester Project Spring 2006 Patricia C. Marquez Microsoft.


1 Windows Server 2003 Active Directory
CS526 Semester Project, Spring 2006
Patricia C. Marquez
Microsoft

2 Introduction
• Active Directory is the Windows Server 2003 directory service.
• Directory services enable the management of network resource information.
• Active Directory uses the Lightweight Directory Access Protocol (LDAP).
• LDAP defines the directory access methods and employs the X.500 directory standard.

3 Goals
• Develop an application to programmatically query and modify the directory data using Active Directory Service Interfaces (ADSI).
  – Install Windows Server 2003
  – Configure the server as a domain controller
  – Configure the server as a DNS server
  – Install Active Directory
  – Create a Directory Information Tree
  – Configure a Windows XP client to access the directory via a directory-enabled application

4 Overview of Directory Services
• A directory service is a type of service used to manage network resource information such as users, printers, files, applications, and even other services.
• The information is stored in a special type of database. The data repository is referred to as a directory because of its hierarchical structure.
• The X.500 Standard defines the architecture and features of a directory service. This includes the data model, namespace, functional model, and authentication methods.
• Directory data is accessed using the client/server model.
• Directory services are ideal for large distributed environments.
• Distributed applications can be directory-enabled to access directory data using associated APIs.

5 Lightweight Directory Access Protocol
• An open industry standard for directory access.
• Defines a standard method for querying and updating information in a directory, including the transport and format of messages.
• Less resource-intensive than DAP because:
  – It runs directly over TCP/IP instead of requiring the entire OSI protocol stack to operate.
  – It uses a simplified version of the X.500 directory data model.
• LDAP provides APIs for C and Java.
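
To make the "format of messages" point concrete, here is an added example (not part of the original slides) that decodes the BER envelope of an LDAP message as it travels over TCP and reports whether a bind uses simple or SASL authentication, which is what a defender checks when reviewing directory traffic. The message layout follows RFC 4511; the sample bytes, DN and names such as `parse_ldap_message` are constructed for this example.

```python
# Added example: minimal BER reader for LDAP messages (layout per RFC 4511).
# protocolOp tags are APPLICATION-class; the low five bits give the operation.
LDAP_OPS = {0: "BindRequest", 1: "BindResponse", 2: "UnbindRequest",
            3: "SearchRequest", 4: "SearchResultEntry", 5: "SearchResultDone",
            6: "ModifyRequest", 8: "AddRequest", 10: "DelRequest"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def parse_ldap_message(data):
    """Decode the envelope of one LDAPMessage; credentials are never returned."""
    tag, body, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("LDAPMessage must be a SEQUENCE")
    tag, msg_id, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("messageID must be an INTEGER")
    op_tag, op, _ = read_tlv(body, pos)
    if op_tag & 0xC0 != 0x40:
        raise ValueError("protocolOp must be APPLICATION class")
    info = {"message_id": int.from_bytes(msg_id, "big"),
            "op": LDAP_OPS.get(op_tag & 0x1F, "other")}
    if info["op"] == "BindRequest":
        _, version, p = read_tlv(op, 0)
        _, name, p = read_tlv(op, p)
        auth_tag, cred, _ = read_tlv(op, p)
        info["version"] = int.from_bytes(version, "big")
        info["bind_dn"] = name.decode("utf-8", "replace")
        # Context tag [0] = simple (password sent as-is), [3] = SASL
        info["auth"] = {0x80: "simple", 0xA3: "sasl"}.get(auth_tag, "other")
        info["anonymous"] = auth_tag == 0x80 and not name and not cred
    return info

# Constructed sample messages (not captured traffic).
SIMPLE_BIND = (bytes.fromhex("302a02010160250201030418")
               + b"cn=app,dc=example,dc=com" + bytes.fromhex("8006") + b"secret")
ANON_BIND = bytes.fromhex("300c020101600702010304008000")
```

A simple bind carries the password unprotected unless the connection itself is encrypted, so `auth == "simple"` on a cleartext LDAP connection is worth flagging.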

6 Active Directory Highlights
• The Microsoft Windows Server directory service
• Its primary protocol is LDAP
• The data model is derived from the X.500 data model
• Resources are represented as objects. The database can hold a billion objects
• Provides access control and authentication
• Supports intersite and intrasite replication
• Provides its own API:
  – Active Directory Service Interfaces (ADSI)

7 Physical Architecture
[Diagram. Labels: Interfaces: LDAP, REPL, MAPI, SAM; clients: Applications, Replication, Outlook Clients, Windows NT 4; Windows Server 2003 Security Subsystem; Extensible Storage Engine; Primary data file, Working Files, Transaction Logs]

8 Windows Server 2003 Security Subsystem
[Diagram. Labels: Directory Service; Logon / Access Control Mechanisms; Authentication Mechanisms; LSA Server; KDC; Kerberos; SSL; NETLOGON; Security Accounts Manager]

9 Logical Architecture
• Building blocks include:
  – Forests
  – Domains
  – Organizational Units
  – Groups
  – Objects: users, computers, printers, et cetera
  – Trust relationships
  – Sites
  – Replication

10 Forest with Domain Trees and Trust Relationship
• A forest is a logical grouping of domain trees
• A domain tree is a logical grouping of domains

11 Domain with Organizational Unit Tree

12 Future Research
• Solutions to Active Directory limitations:
  – No easy way to rearrange the structure of existing forests
  – No easy way to merge one forest with another to form a single forest
  – No easy way to split domains off a forest to form a new forest
• Research using Directory Services Markup Language (DSML) to access my directory.

14 Questions

