Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006.

Published byScarlett Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006."— Presentation transcript:

1 Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006

2 Windows 2003 Architecture Modular Architecture Modular Architecture – –Each component/module has sole responsibility for the function it is designed to provide – –Made up of a User Mode and a Kernel Mode

3 Windows 2003 Architecture User Mode User Mode –Less privileged processor mode because it does not have direct access to hardware – to assigned memory address space –Limited to assigned memory address space – API to request service from Kernel mode –Uses API to request service from Kernel mode Kernel Mode Kernel Mode – Controls O/S functions, O/S services, and system data and interface to H/W –Kernel mode can directly access hardware and memory Processor not restricted to its own memory Processor not restricted to its own memory

4 Memory Model Memory Model Memory Model –Virtual memory (paging file) is space on HD treated as if it is RAM –4 GB of memory – 2GB for Kernel and 2GB for Applications –Virtual Memory Manager manages memory

5 Active Directory (AD) Active Directory Active Directory – Active Directory has two parts A database with information about users and resources A database with information about users and resources A service that manages the database and enables users of computers on the network to access the database A service that manages the database and enables users of computers on the network to access the database – Active Directory Features/Advantages Security - Logon process and controlling access to objects Security - Logon process and controlling access to objects Administration – Hierarchical structure Administration – Hierarchical structure Search capabilities – Search AD for an object Search capabilities – Search AD for an object Scalable – Allows multiple domains, fits for any size network Scalable – Allows multiple domains, fits for any size network Flexibility – Grows with your company, allows for additions Flexibility – Grows with your company, allows for additions

6 Active Directory Improvements Improvements –Improved User Interface Drag & Drop and Ability to select multiple objects Drag & Drop and Ability to select multiple objects –Group Policy Management Console Creation of Group Policy Management Console (GPMC) for centralized control group policies Creation of Group Policy Management Console (GPMC) for centralized control group policies –Ability to Rename Domains

7 Active Directory Structure Structure – Objects and Classes An object is the smallest component that you can have in AD An object is the smallest component that you can have in AD A class is a template of all attributes of an object when it is created A class is a template of all attributes of an object when it is created – Schema Schema governs the structure of the directory Schema governs the structure of the directory Allows administrators to modify and add new object classes, objects and attributes as needed, making the schema extensible Allows administrators to modify and add new object classes, objects and attributes as needed, making the schema extensible Active Directory Schema is the name of the snap-in in MMC and can only be changed by Schema Admins Active Directory Schema is the name of the snap-in in MMC and can only be changed by Schema Admins

8 Active Directory Structure Structure – Global Catalog A master searchable index that contains information about every object in a forest A master searchable index that contains information about every object in a forest Created by default on first DC in a domain Created by default on first DC in a domain – Contains a full copy of all objects in its own domain and a partial replica of all objects in all other domains in the forest – Serves as a central point for user authentication – Namespace A logical region with objects that is bound together by their names A logical region with objects that is bound together by their names

9 Active Directory Organizational Units (OU) Organizational Units (OU) – Substructure of domains and are arranged hierarchically – Used to organize related objects in AD, can also contain other OUs – Helps simplify administration – OUs can organized by geography, business unit, resources – A hybrid design is most common – OU nesting should be only 4 to 5 levels deep Can effect performance Can effect performance – OUs are not security principals – Permission to read or write a file or folder is not given through OUs – OUs allow for delegation of administration – Add, delete, or modify an object in an OU – Group Policies (GPOs) can be applied to OUs

10 Active Directory Identification Identification – Globally Unique Identifier (GUID) – A 32 hex number assigned to an object at the time of creation and object is stored with it. This ensures uniqueness and avoids duplication – Security ID (SID) – A unique security ID created by the Security subsystem that is assigned to user, groups, and computers to grant or deny an object access to other objects

11 Domains Tree Tree – Grouping of one or more domains that must have a single root domain Parent child & child relationships Parent child & child relationships – Defined by a common and contiguous name space – A hierarchy of domains sharing a common schema, security trust relationship, and a Global Catalog Forest Forest – A group of one or more Domain Trees linked together by a trust Two different root domains Two different root domains – All Trees share a common schema and global catalog – Do not have contiguous DNS domain names

12 Domains Tree Tree

13 Domains Forest Forest

14 Trusts Transitive Trusts Transitive Trusts – A trust between two domains in the same Tree/Forest that can extend beyond two domains to other trusted domains within the same Tree/Forest Always a 2 way trust Always a 2 way trust By default all Windows 2000 trusts within Tree/Forest are transitive By default all Windows 2000 trusts within Tree/Forest are transitive Domain A and C trust each other Domain A and C trust each other

15 Trusts Explicit Trusts Explicit Trusts – A trust that is setup by an administrator Connect domains directly to shorten the path between them Connect domains directly to shorten the path between them – It can be either transitive or intransitive – Used to manage trusts between Windows 2000 and NT domains

16 Domain Name System (DNS) DNS Structure DNS Structure – Based on a hierarchical naming structure (inverted tree) – A single root domain, underneath there are second-level domains – Every computer in a DNS domain is uniquely identified by a Fully Qualified Domain Name (FQDN) – Dynamic DNS is supported starting in W2K

17 Domain Name System (DNS) DNS Structure DNS Structure

18 Domain Name System (DNS) DNS Servers DNS Servers – Primary – Maintains the master copy of the zone files – Secondary – Keeps a back-up copy of the zone files – AD-integrated – DNS entries kept in AD data store instead of zone files Zone Files Zone Files – Forward Lookup Zone This contains host name to IP address resolution This contains host name to IP address resolution – Reverse Lookup Zone This contains IP address to host name resolution This contains IP address to host name resolution

Download ppt "Windows 2003 Architecture, Active Directory & DNS Lecture # 3 Hassan Shuja 02/14/2006."

Similar presentations

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
Overview of Active Directory Domain Services

Overview of Active Directory Domain Services
How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.

How to Succeed with Active Directory Robert Williams, PhD CEO Secure Logistix Corporation.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Chapter 6 Introducing Active Directory

Chapter 6 Introducing Active Directory
Chapter 4 Chapter 4: Planning the Active Directory and Security.

Chapter 4 Chapter 4: Planning the Active Directory and Security.
1 Active Directory (Week 8, Monday 2/26/2007) © Abdou Illia, Spring 2007.

1 Active Directory (Week 8, Monday 2/26/2007) © Abdou Illia, Spring 2007.
Introduction to Active Directory

Introduction to Active Directory
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
CS603 Active Directory February 1, 2001.

CS603 Active Directory February 1, 2001.
1.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

1.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Chapter 1 Introduction to Windows Server 2003. 2 Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.

1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.

Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.

By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Chapter 4 Introduction to Active Directory and Account Management

Chapter 4 Introduction to Active Directory and Account Management
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
Understanding Active Directory

Understanding Active Directory

Similar presentations

Ads by Google