Professional Documents
Culture Documents
Overview of Active Directory Domain Services
Overview of Active Directory Domain Services
Domain Services
Lesson 1
Chapter Objectives
Identify Active Directory
functions and Benefits.
Identify the major components
that make up an Active Directory
structure.
Identify how DNS relates to
Active Directory.
Identify Forest and Domain
Functional Levels.
Directory Service
A network service that identifies
all resources on a network and
makes those resources accessible
to users and applications.
The most common directory
service standards are:
X.500
Lightweight Directory Access
Protocol (LDAP)
X.500
Uses a hierarchical approach in
which objects are organized in a
similar way to the files and
folders on a hard drive.
Active Directory
A directory service that uses the
tree concept for managing
resources on a Windows network.
Stores information about the network
resources and services, such as user
data, printer, servers, databases,
groups, computers, and security
policies.
Identifies all resources on a network
and makes them accessible to users
and applications.
Active Directory
Used in:
Windows 2000
Windows Server 2003
Windows Server 2008
Active Directory
Windows Server 2008 provides
two directory services:
Active Directory Domain Services
(AD DS)
Active Directory Lightweight
Directory Services (AD LDS)
Example:
cn=JSmith, ou=sales,
dc=lucernepublishing, dc=com
Functional Levels
Allows interoperability with prior
versions of Microsoft Windows.
Higher levels of functional level
will not allow older versions of
Windows to function but will add
additional functionality or
features.
Raising functional level is a oneway process.
Trust Relationships
Active Directory uses trust
relationships to allow access between
multiple domains and/or forests,
either within a single forest or across
multiple enterprise networks.
A trust relationship allows
administrators from a particular
domain to grant access to their
domains resources to users in other
domains.
Trust Relationships
When a child domain is created,
it automatically receives a twoway transitive trust with its
parent domain.
Trusts are transitive:
If domain A trusts domain B
And domain B trusts C
Then domain A trusts domain C
Chapter Summary
Active Directory is a database of objects
that are used to organize resources
according to a logical plan.
These objects include containers such as
domains and OUs in addition to resources
such as users, computers, and printers.
Chapter Summary
Active Directory requires DNS to
support SRV records.
Microsoft recommends that DNS
support dynamic updates.
Chapter Summary
Domain and forest functional levels
are new features of Windows Server
2008.
The levels defined for each of these are
based on the type of server operating
systems that are required by the
Active Directory design.
The Windows Server 2003 forest
functional level is the highest
functional level available and includes
support for all Windows Server 2003
features.
Chapter Summary
Two-way transitive trusts are
automatically generated within the
Active Directory domain structure.
Parent and child domains form the
trust path by which all domains in
the forest can traverse to locate
resources.
The ISTG is responsible for this
process.
Chapter Summary
Cross-forest trusts are new to
Windows Server 2003, and they
are only available when the
forest functionality is set to
Windows Server 2003.
They must be manually created
and maintained.