Active Directory Maryam Izadi. Topics Covered NT Vs 2000/2003 Active Directory LDAP MMC.


1 Active Directory Maryam Izadi

2 Topics Covered NT Vs 2000/2003 Active Directory LDAP MMC

3 NT VS Win-2000 / 2003 Peer – Peer Network Domain Based Network PDC and BDC Domain Controllers and Additional Domain Controllers

4 Introduction to Active Directory Services Active Directory is the directory service included in Windows 2000/2003 Server. It stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators a single point of administration for all network objects.

5 Introduction to Active Directory Services Completely integrated with Microsoft Windows 2000/2003 Server. Integrates the Internet concept of namespace with the operating system’s directory service. Allows a single point of administration for all published resources.

6 Global Catalog The global catalog is the central repository of information about objects in a domain tree or forest. The global catalog is a service as well as a physical storage location that contains a replica of selected attributes of every object in the Active Directory store. By default, the first domain controller is a global catalog server. Additional domain controllers can also be designated as global catalog servers by using the Active Directory Sites And Services snap-in.

7 Namespace

8 Defining a Namespace Architecture Root domain First-layer domains Second-layer domains

9 Protocol Support We all use directories of one sort or another every time we use the Internet or our own intranets. LDAP is an extensible, vendor-independent network protocol standard; it supports hardware, software, and network heterogeneity. An LDAP-based directory supports any type of data. LDAP is the Active Directory core protocol. Active Directory services support remote procedure call (RPC) interfaces that support Messaging Application Programming Interface (MAPI) interfaces. The Active Directory information model is derived from the X.500 information model.

10 Understanding Active Directory Components The core unit of logical structure in Active Directory is the domain

11 Forest A forest is a grouping or hierarchical arrangement of one or more separate, completely independent domain trees

12 Trees A tree is a grouping or hierarchical arrangement of one or more Windows 2000/2003 domains that you create by adding one or more child domains to an existing parent domain.

13 OU (Organizational Unit) An OU is a container of objects such as user accounts, groups, computers, printers, applications, file shares, and other OUs from the same domain

14 Adding or Creating a Domain Controller If you add a domain controller to an existing domain, you create a peer domain controller. If you create the first domain controller for a new domain, you are creating not only the domain controller but also a new domain.

15 The Active Directory Database The database is a file named Ntds.dit, which is the directory for the new domain. The default location for the database and the database log files is %systemroot%\Ntds, although you can specify a different location. The database contains all the information stored in the Active Directory store. The Ntds.dit file is a database that contains the entire schema, the global catalog, and all the objects stored on that domain controller.

16 Domain Modes Mixed mode Native mode

17 Locating Objects

18 Managing Active Directory Permissions Use Active Directory permissions to determine who has the permissions to gain access to the object and what type of access is allowed. The object type determines which permissions you can select. Permissions inheritance minimizes the number of times you need to assign permissions for objects.
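
The permission inheritance described on slide 18, as an added example that is not part of the original presentation: a simplified model in which one entry on an OU covers every object beneath it, an explicit entry on an object overrides it, and a container with inheritance blocked stops entries from above. All distinguished names, principals and rights are constructed sample data, and the function names are hypothetical.

```python
# Simplified model of Active Directory permission inheritance (added example).
# All DNs, principals and rights are constructed sample data.

# dn -> protected flag (inheritance blocked) and ACEs:
#   (principal, right, "allow" | "deny", inheritable)
DIRECTORY = {
    "DC=example,DC=com": {"protected": False, "aces": [
        ("Domain Admins", "write", "allow", True)]},
    "OU=Staff,DC=example,DC=com": {"protected": False, "aces": [
        ("Helpdesk", "reset-password", "allow", True)]},
    "OU=Executives,OU=Staff,DC=example,DC=com": {"protected": True, "aces": [
        ("Exec Support", "reset-password", "allow", True)]},
    "CN=alice,OU=Staff,DC=example,DC=com": {"protected": False, "aces": [
        ("Helpdesk", "reset-password", "deny", False)]},
    "CN=bob,OU=Staff,DC=example,DC=com": {"protected": False, "aces": []},
    "CN=ceo,OU=Executives,OU=Staff,DC=example,DC=com": {"protected": False, "aces": []},
}

def parent_dn(dn):
    """Parent container's DN, or None at the domain root (no escaped commas handled)."""
    head, _, rest = dn.partition(",")
    return None if head.upper().startswith("DC=") else rest

def ace_levels(dn):
    """Explicit ACEs first, then inheritable ACEs from each container upward."""
    node = DIRECTORY[dn]
    levels = [node["aces"]]
    while not node["protected"] and (dn := parent_dn(dn)) is not None:
        node = DIRECTORY[dn]
        levels.append([ace for ace in node["aces"] if ace[3]])
    return levels

def is_allowed(dn, principal, right):
    """First match wins: nearest level first, deny before allow within a level."""
    for level in ace_levels(dn):
        for kind in ("deny", "allow"):
            if any(ace[:3] == (principal, right, kind) for ace in level):
                return kind == "allow"
    return False  # no matching ACE means no access

def inheritance_exceptions():
    """Objects an auditor should review: blocked inheritance or leaf-level ACEs."""
    return sorted(dn for dn, node in DIRECTORY.items()
                  if node["protected"] or (dn.startswith("CN=") and node["aces"]))

if __name__ == "__main__":
    for user in ("bob", "alice"):
        dn = f"CN={user},OU=Staff,DC=example,DC=com"
        print(user, is_allowed(dn, "Helpdesk", "reset-password"))
    print(inheritance_exceptions())
```

The list returned by `inheritance_exceptions()` is the set of places where the single-assignment benefit of inheritance no longer holds and permissions have to be reviewed object by object.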

19 MMC (Microsoft Management Console) Microsoft Management Console (MMC) hosts administrative tools that you can use to administer networks, computers, services, and other system components. Create custom MMCs to meet your administrative requirements. Creating custom MMCs allows you to perform most administrative tasks with one MMC. Combine snap-ins that you use together to perform common administrative tasks. You do not have to switch between different programs or MMC files because all of the snap-ins that you need to use are located in the same MMC file.

20 Questions?

