Published by Clara Farmer Modified over 9 years ago
1
Lesson 6 - Building a Directory Service
by Rashid Khan
2
Overview
Understand Novell Directory Services.
Describe Windows 2000 Active Directory.
Understand the network’s directories.
3
Understand Novell Directory Services
The Novell Directory Services (NDS) is an integral database component of Novell NetWare.
The NDS works along with components like the NetWare Administrator (NWAdmin) and ConsoleOne to manage the Novell network.
The NDS stores information about users, groups, and resources in a database called the Directory.
4
Understand Novell Directory Services
The NDS manages and organizes the network’s resources, and assigns attributes to each of the objects such as users, groups, and servers.
NDS organizes data about every object and verifies its assigned access rights to control that object’s availability to a user.
5
Understand Novell Directory Services
It also contains information about the location, characteristics, and authorized users for every resource on a NetWare network.
The default location for storing items for general use, when logging in to the network, is the public drive (Z:).
6
Understand Novell Directory Services
NDS structure.
Object naming.
7
NDS Structure
NDS provides NetWare the ability to create a unified network with a single point for accessing and administering access to networked objects.
Every resource on the NDS must be provided with a unique identifier for it to locate any object.
The NDS maintains information about each resource as well as the service provided by it on the network.
8
NDS Structure
The information is separated into descriptive categories, called properties of the object and the values.
The NDS structure is similar to the Microsoft DOS structure.
9
NDS Structure
Objects
Properties
Values
10
Objects
The [Root] object, the container object, and the leaf object are the types of NDS objects.
NDS objects help organize objects in the NDS tree into logical groupings.
Logical grouping enables a user to create one login procedure and assign the same procedure to a larger number of objects.
11
Objects
[Root] object:
– The [Root] object is the highest object in a network’s organization.
– It is a special object, and can be created only during the original network software installation.
– An NDS Directory can have only one [Root] object.
12
Objects
[Root] object (continued):
– The [Root] object cannot be moved, renamed, or deleted, and it has no properties.
– The [Root] object can have trustees and rights on other objects.
– It should hold one or more Country objects, Alias objects, or Organization objects.
13
Objects
Container object:
– Container objects are special storage locations, where objects are placed for administrative purposes.
– The container helps group resource objects for access or assigning rights.
14
Objects
Container object (continued):
– A container object is referred to as a parent object if it contains other objects.
– Country object, Organization object, and Organizational Unit object are the three special container objects.
15
Objects
Container object (continued):
– Country (C) object: It holds a valid two-character country abbreviation, and exists directly below the [Root] object.
– Organizational Unit (OU) object: It is placed below the Organization container object, and helps organize the lower levels of an organization.
16
Objects
Container object (continued):
– Each Directory tree must have at least one Organization (O) container object.
– The Organization (O) container object contains the leaf object and the Alias object.
– Organization container objects cannot contain additional Organization container objects.
17
Objects
Leaf object:
– A network’s lowest-level resources and services are referred to as leaf objects.
– A leaf object represents an individual resource or service available on the network.
18
Properties
The different properties associated with an object determine the class of that object.
NDS determines the properties that each object should possess.
19
Values
The pieces of information within the property fields that describe an object make up the property values of the object.
Some properties have value-required entries for all objects.
20
Object Naming
Network directories consist of multiple containers, representing numerous combinations of objects based upon their function, geographical location or description.
Storing objects in multiple containers provides better efficiency and easy administration.
The NDS provides a single name for every object in the Directory tree.
21
Object Naming
The single name is called an object’s common name (CN), and the letters CN are called the attribute type abbreviation.
Users requiring access to network data must make a request to the NDS, which requires a user to provide the correct object name.
22
Object Naming
When NDS receives the request, the server controlling that object checks its own copy of the Directory to determine whether the user object is valid.
The NDS locates the requested object and verifies that the user has the permission to perform the required action on that object.
23
Object Naming
NDS objects can have the same common name.
Identically named objects cannot be located in the same NDS container, and hence should be stored in different portions of the directory.
In order to identify such commonly named objects on the NDS tree, it is also essential to know the location of an object.
24
Object Naming
A context specifies an object’s exact location on the NDS tree.
The context can also be considered as the name of the parent container of the object.
A context is a list of all container objects leading from an object to the [Root] object.
25
Object Naming
The current working location of an object is referred to as the object’s current context.
The current context is also called the name context.
The current context is the default container where NDS looks for a resource.
26
Object Naming
Distinguished names.
Typeful names.
27
Distinguished Names
An object can also be identified by providing the exact full context.
The full context is referred to as an object’s distinguished name.
A distinguished name starts with the object in question, and identifies each of the container objects in the path to that object.
28
Distinguished Names
A distinguished name always begins with a period.
Periods should also be used between each object’s name, and for each successive container object going up the NDS tree.
Trailing periods are not allowed in distinguished names.
29
Distinguished Names
Relative distinguished names:
– A relative distinguished name is used to determine the location of an object relative to the current context.
– By default, common names are relative distinguished names.
30
Distinguished Names
Relative distinguished names (continued):
– Any name that starts without a period is considered to be a relative distinguished name.
– A trailing period can be used to move up one level in the Directory tree.
31
Typeful Names
The ‘CN=’ notation is used with common names to create typeful names.
Typeful names help NDS specify an object’s location, thereby providing faster access.
Typeful names inform NDS of the different container types and leaf objects being used, and are used in both distinguished and relative distinguished names.
Typeful names are optional.
32
Typeful Names
Typeless names:
– Typeless names provide users the option of leaving the attribute type abbreviations off their entries.
– Typeless names do not include any of the object’s attribute types.
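
The naming rules on slides 27 to 32, worked through as an added Python example (not part of the original presentation): it resolves a distinguished or relative distinguished name against a current context into one canonical distinguished name, so that two spellings of the same object compare equal before any rights check. The function names and the sample objects (JSmith, Printer1, Sales, Eng, Acme) are constructed for illustration.

```python
import re

def resolve_name(name, current_context):
    """Return the distinguished name (leading period) for an NDS object name.

    current_context is the container path NDS searches by default,
    e.g. "OU=Sales.O=Acme" (constructed sample value).
    """
    if not name or name == ".":
        raise ValueError("empty object name")
    if name.startswith("."):
        # Distinguished name: full path from the object up the tree.
        # Trailing periods are not allowed here.
        if name.endswith("."):
            raise ValueError("trailing period in a distinguished name")
        parts = name[1:].split(".")
    else:
        # Relative distinguished name: resolved against the current context.
        # Each trailing period moves up one level, i.e. drops the
        # lowest (leftmost) container of the current context.
        stripped = name.rstrip(".")
        levels_up = len(name) - len(stripped)
        context = [p for p in current_context.strip(".").split(".") if p]
        if levels_up > len(context):
            raise ValueError("trailing periods climb above the top container")
        parts = stripped.split(".") + context[levels_up:]
    if any(not p for p in parts):
        raise ValueError("empty component in name")
    return "." + ".".join(parts)

def typeless(name):
    """Drop the attribute type abbreviations (CN=, OU=, O=, C=) from a name."""
    return re.sub(r"(^|\.)(CN|OU|O|C)=", r"\1", name, flags=re.IGNORECASE)

if __name__ == "__main__":
    ctx = "OU=Sales.O=Acme"
    for n in ("CN=JSmith", "CN=Printer1.OU=Eng.", ".CN=Admin.O=Acme"):
        dn = resolve_name(n, ctx)
        print(f"{n:22} -> {dn:30} typeless: {typeless(dn)}")
```
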
33
Describe Windows 2000 Active Directory
Active Directory structure.
Installing Active Directory.
34
Active Directory Structure
An Active Directory (AD) allows a user to access and manage networks from a single login.
The AD uses a database, which is known as the schema, to keep track of and provide access to all the resources on a network.
The AD locates network resource objects by their distinct names and potential attributes.
35
Active Directory Structure
Active Directory schema.
Containers.
36
Active Directory Schema
The schema contains a list of the objects that can be contained in the AD, and the information that can be stored about each object.
The schema, also called the metadata, is further broken down into the schema class objects and the schema attribute objects.
37
Active Directory Schema
‘User’ is the default schema class object included in networks, and it consists of schema attributes such as user logon name, first name, last name, etc.
The schema divides the database into smaller units to speed up data access and retrieval.
38
Containers
Container objects are used for organizing the Active Directory.
Containers help group network resource objects in a hierarchical parent/child relationship.
Forest is the largest container object.
39
Containers
Forest object:
– A forest joins multiple domain trees to allow communication or share networked resources with other related trees.
– Trees in a forest share information by using a global catalog.
– Each tree is an independent entity, and can be completely self-administered using its own naming conventions.
40
Containers
Forest object (continued):
– The forest is considered as the boundary of the AD.
– All domain controllers within a forest share the same schema, configuration, and global catalog.
– A forest can contain a single domain and a single tree.
41
Containers
Tree object:
– The term ‘tree’ is used to indicate a container object containing multiple domains.
– Each domain is a distinct unit, and joins the tree to communicate and share its networked resources with other domains.
– Each domain in a tree is an independent entity and can be completely self-administered using its own naming convention.
42
Containers
Domain object:
– Domain is the most important container object in Microsoft’s hierarchical directory services structure as all AD objects are part of a domain.
– Each domain is capable of controlling the security and access to each of the objects.
43
Containers
Domain object (continued):
– A domain is controlled by a single server called the domain controller.
– Domains can span a wide physical or geographical area when they are based on the logical relationships within a company.
44
Containers
Organizational Unit (OU) object:
– The OU container helps structure the network to imitate the actual internal organization.
– An OU is used to compartmentalize objects so that they can be effectively administered and access to networked resources can better be controlled.
45
Installing Active Directory
[Figure: Windows 2000 Configure Your Server window]
46
Installing Active Directory
The user needs to select the following options:
– Domain Controller for a New Domain option in the Domain Controller Type window.
– Create a New Domain Tree option in the Create Tree or Child Domain window.
– Create a New Forest of Domain Trees option in the Create or Join Forest window.
47
Installing Active Directory
[Figure: New Domain Name window]
48
Installing Active Directory
The user needs to select the following options (continued):
– The Yes, Install and Configure DNS on the Computer option in the Configure DNS window.
– The Permissions Compatible with Pre-Windows 2000 Servers option in the Permissions window.
49
Understand the Network’s Directories
Administering the NetWare 6 server.
Creating NetWare users.
Creating NDS objects.
Administering the Windows 2000 Server.
Creating AD objects.
50
Administering the NetWare 6 Server
NDS provides a global database that gives network administrators centralized access to networked information, resources, and services.
It logically organizes the network resources independent of the physical network configuration, and also dynamically maps an object and its actual physical resource.
51
Administering the NetWare 6 Server
The NDS Directory provides administrators with manageable groupings of objects, thereby providing greater security for the networked resources.
The Directory is stored on numerous servers, thereby providing fault tolerance.
52
Creating NetWare Users
Creating users and organizing them into hierarchical containers makes it easier for an administrator to maintain the network.
It is also easier for the user to work with networked resources.
53
Creating NDS Objects
[Figure: Organizational Unit dialog box]
54
Creating NDS Objects
[Figure: New Group dialog box]
55
Creating NDS Objects
[Figure: New User button]
56
Creating NDS Objects
[Figure: New User window]
57
Creating NDS Objects
[Figure: New User - Properties window]
58
Creating NDS Objects
[Figure: Select Objects dialog box]
59
Administering the Windows 2000 Server
The AD provides network administrators with a global database for managing the networked information, resources, and services.
It also logically organizes networked resources independent of the physical location.
Users and other networked objects are managed from the server’s console or through remote administration capabilities.
60
Administering the Windows 2000 Server
Appropriate permissions can be set on the Administrative Tools and the consoles to administer the AD and the server respectively.
A copy of AD is kept on all domain controllers to restore them easily in case of a server failure.
61
Creating AD Objects
[Figure: Computer Name Change dialog box]
62
Creating AD Objects
[Figure: Active Directory Users and Computers]
63
Creating AD Objects
[Figure: Creating a New User]
64
Creating AD Objects
[Figure: New Object - User window]
65
Creating AD Objects
[Figure: Password settings]
66
Summary
Novell Directory Services (NDS) and NWAdmin help manage the Novell network.
NDS tracks objects by storing information in the form of properties and values.
[Root], container, and leaf objects are the three NDS object types.
67
Summary
An object’s name without a reference to its position in a network is called its common name (CN).
An Active Directory is a database that keeps track of and provides access to all the networked resources.
The NWAdmin or ConsoleOne can be used to create NDS objects.