INTRODUCTION TO ACTIVE DIRECTORY INFRASTRUCTURE

ADVANTAGE PRO - Chennai's Premier Networking Training Center

ACTIVE DIRECTORY
• Active Directory stores information about users, computers, and network resources.
• It makes those resources accessible to users.
• It provides a consistent way to name, describe, locate, access, manage, and secure information about these resources.

FUNCTIONS OF ACTIVE DIRECTORY
• Centralizes control of network resources.
• Centralizes and decentralizes resource management.
• Stores objects securely in a logical structure.
• Optimizes network traffic.
• Provides policy-based centralized administration.

CENTRALIZES CONTROL OF NETWORK RESOURCES:
• Active Directory centralizes the resources.
• The resources include servers, printers, and shared folders.
• It authorizes users to access resources in Active Directory.

CENTRALIZES AND DECENTRALIZES RESOURCE MANAGEMENT:
• Administrators can manage all resources from a central location by using a consistent management interface.
• Or they can distribute administrative tasks by delegating control of resources to other administrators.

STORES OBJECTS SECURELY IN A LOGICAL STRUCTURE:
Active Directory stores all of the resources as objects in a secure, hierarchical logical structure.

OPTIMIZES NETWORK TRAFFIC:
• The physical structure of Active Directory enables you to use network bandwidth more efficiently.
• It reduces the amount of network traffic.

LOGICAL STRUCTURE OF ACTIVE DIRECTORY

The logical structure of Active Directory includes the following components:
• Objects
• Organizational units
• Domains
• Domain trees
• Forests

OBJECT:
• The most basic component of the logical structure is the object.
• Each object class is defined by a group of attributes.
• Each object has a unique combination of attribute values.

ORGANIZATIONAL UNIT:
• The organizational unit is a container object.
• Organizational units make it easier to locate and manage objects.
• Organizational units can be nested in other organizational units.

DOMAIN:
• The core functional units in the Active Directory logical structure, domains are a collection of administratively defined objects and security policies.
• An administrative boundary for objects.
• A means of managing security for shared resources.
• A unit of replication for objects.

DOMAIN TREES:
• Domains that are grouped together in hierarchical structures are called domain trees.
• When you add a second domain to a tree, it becomes a child of the tree root domain.
• The domain to which a child domain is attached is called the parent domain.
• The name of a child domain is combined with the name of its parent domain.

FOREST:
• A forest is a complete instance of Active Directory.
• Child domains are made children of the forest root domain to form one contiguous tree.
• The first domain in the forest is called the forest root domain.
• By default, information in Active Directory is shared only within the forest.
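
The naming rule for child domains can be applied mechanically. The Python below is an added example, not part of the original slides: it groups a list of DNS domain names into domain trees and derives each domain's LDAP distinguished name. The domain names and the function names (dns_to_dn, parent_of, build_forest) are constructed for illustration; the last sample domain shares no parent name with the others, so it starts a second tree in the same forest.

```python
# Added example: all domain names are constructed sample data.

def dns_to_dn(dns_name):
    """Map a DNS domain name to its LDAP distinguished name."""
    return ",".join("DC=" + label for label in dns_name.lower().split("."))

def parent_of(dns_name):
    """Return the name one level up, or None for a single-label name."""
    _, _, rest = dns_name.partition(".")
    return rest or None

def build_forest(domains):
    """Return {tree_root: [(depth, domain), ...]} for a list of domains.

    A domain whose parent name is also in the list is a child in that
    parent's tree; a domain with no parent in the list starts a new tree.
    """
    known = {d.lower() for d in domains}
    trees = {}
    # Shallow names first, then alphabetical, so output is deterministic.
    for name in sorted(known, key=lambda d: (d.count("."), d)):
        depth, root = 0, name
        while parent_of(root) in known:
            root = parent_of(root)
            depth += 1
        trees.setdefault(root, []).append((depth, name))
    return trees

SAMPLE_FOREST = [            # constructed; first entry = forest root domain
    "corp.example",
    "emea.corp.example",
    "sales.emea.corp.example",
    "apac.corp.example",
    "lab.test",              # name is not under corp.example: second tree
]

if __name__ == "__main__":
    for root, members in build_forest(SAMPLE_FOREST).items():
        print("tree rooted at", root)
        for depth, name in members:
            print("  " * (depth + 1) + name, "->", dns_to_dn(name))
```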

PHYSICAL STRUCTURE OF ACTIVE DIRECTORY

To optimize Active Directory's use of network bandwidth, you must understand its physical structure. The elements of the Active Directory physical structure are:
• Domain controllers
• Active Directory sites
• Active Directory partitions

DOMAIN CONTROLLERS:
• A machine that runs Windows Server 2003 and the Active Directory service is called a domain controller.
• The domain controller performs storage and replication functions.
• A domain controller can support only one domain.
• Each domain should have more than one domain controller.

ACTIVE DIRECTORY SITES:
• Sites are groups of well-connected computers.
• Domain controllers within a site communicate frequently.
• This communication minimizes latency within the site, that is, the time required for a change made on one domain controller to be replicated to another domain controller.

ACTIVE DIRECTORY PARTITIONS:
The domain controller contains the following Active Directory partitions:
• Schema partition
• Domain partition
• Configuration partition
• Optional partitions

DOMAIN PARTITION:
• It contains replicas of all objects in that domain.
• The domain partition is replicated only to other domain controllers in the same domain.

CONFIGURATION PARTITION:
• This partition contains the forest topology.
• The topology contains a record of all domain controllers and the connections between them in a forest.

SCHEMA PARTITION:
• This partition contains the forest-wide schema.
• A forest has one schema so that the definition of each object class is consistent.
• The schema partition is replicated to each domain controller in the forest.

APPLICATION PARTITIONS:
• These partitions contain objects that are unrelated to security.
• They are used by one or more applications.
• Application partitions are replicated to specified domain controllers in the forest.

OPERATION MASTER
• When a change is made to a domain, the change is replicated across all of the domain controllers in the domain.
• Some changes, such as those made to the schema, are replicated across all of the domains in the forest.
• This replication is called multimaster replication.

SINGLE MASTER OPERATION:
• To avoid replication conflicts, you use single master replication.
• Active Directory uses single master replication for important changes, such as the addition of a new domain or a change to the forest-wide schema.

OPERATION MASTER ROLES
• Operations that use single-master replication are arranged together in specific roles in a forest or domain.
• For each operations master role, only the domain controller that holds that role can make the associated directory change.
• Active Directory stores information about which domain controller holds a specific role.
• Active Directory defines five operations master roles.

• Each role has a default location and is either forest-wide or domain-wide.
FOREST-WIDE ROLES:
• Schema master.
• Domain naming master.
DOMAIN-WIDE ROLES:
• Primary domain controller emulator.
• Relative identifier master.
• Infrastructure master.
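
Because only the role holder can make the associated directory change, it is worth checking that every role has exactly one recorded holder. The Python check below is an added example, not part of the original slides: the inventory layout, the function name audit_roles and the host names are assumptions, and the sample data is constructed with one conflicting and one missing holder.

```python
# Role names follow the slide above; the inventory layout is an assumption.
FOREST_ROLES = {"schema master", "domain naming master"}
DOMAIN_ROLES = {"primary domain controller emulator",
                "relative identifier master", "infrastructure master"}

def audit_roles(domains, holders):
    """Check an inventory of (role, domain, domain_controller) tuples.

    domain is None for forest-wide roles. Returns sorted findings;
    an empty list means every role has exactly one recorded holder.
    """
    findings, seen = [], {}
    for role, domain, dc in holders:
        role = role.lower()
        if role in FOREST_ROLES:
            key = (role, None)          # one holder for the whole forest
        elif role in DOMAIN_ROLES:
            key = (role, domain)        # one holder in each domain
        else:
            findings.append(f"unknown role '{role}' reported for {dc}")
            continue
        seen.setdefault(key, set()).add(dc)
    expected = [(r, None) for r in FOREST_ROLES]
    expected += [(r, d) for d in domains for r in DOMAIN_ROLES]
    for role, domain in expected:
        scope = domain or "forest"
        dcs = sorted(seen.get((role, domain), ()))
        if not dcs:
            findings.append(f"{scope}: no holder recorded for {role}")
        elif len(dcs) > 1:
            findings.append(f"{scope}: {role} claimed by {', '.join(dcs)}")
    return sorted(findings)

DOMAINS = ["corp.example", "emea.corp.example"]   # constructed sample data
HOLDERS = [                                       # constructed inventory
    ("Schema master", None, "dc1"),
    ("Domain naming master", None, "dc1"),
    ("Primary domain controller emulator", "corp.example", "dc1"),
    ("Relative identifier master", "corp.example", "dc1"),
    ("Relative identifier master", "corp.example", "dc2"),   # conflict
    ("Infrastructure master", "corp.example", "dc2"),
    ("Primary domain controller emulator", "emea.corp.example", "emea-dc1"),
    ("Relative identifier master", "emea.corp.example", "emea-dc1"),
]                               # emea infrastructure master is missing

if __name__ == "__main__":
    print("\n".join(audit_roles(DOMAINS, HOLDERS)))
```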

WORKING PRINCIPLE OF ACTIVE DIRECTORY

DIRECTORY SERVICE
A directory service is a structured repository of information about people and resources in an organization. In a Windows Server 2003 network, the directory service is Active Directory.

SCHEMA
• The Active Directory schema contains the definitions of all objects.
• On domain controllers running Windows Server 2003, there is only one schema for an entire forest.
• The schema has two types of definitions: object classes and attributes.

GLOBAL CATALOG
• Resources in Active Directory can be shared across domains and forests.
• The global catalog feature in Active Directory makes searching for resources across domains and forests transparent to the user.
• The global catalog is a repository of information that contains a subset of the attributes of all objects in Active Directory.

The global catalog contains:
• The attributes that are most frequently used in queries, such as a user's first name, last name, and logon name.
• The information that is necessary to determine the location of any object in the directory.
• A default subset of attributes for each object type.
• The access permissions for each object and attribute that is stored in the global catalog.

FUNCTION OF THE GLOBAL CATALOG:
The global catalog enables users to perform two important functions:
• Find Active Directory information anywhere in the forest, regardless of the location of the data.
• Use universal group membership information to log on to the network.

SINGLE SIGN-ON
ACTIVE DIRECTORY ENABLES A SINGLE SIGN-ON:
• Active Directory makes the complex process of authentication and authorization transparent to the user.
• Authentication, which verifies the credentials of the connection attempt.
• Authorization, which verifies that the connection attempt is allowed.

ACTIVE DIRECTORY MANAGEMENT
• You can manage large numbers of users, computers, and printers from a central location.
• Active Directory tools support decentralized administration.
• It contains information about all objects and their attributes.
• You can query Active Directory by using a protocol such as LDAP.

• You can arrange objects that have similar administrative and security requirements into organizational units.
• You can specify Group Policy settings for a site, a domain, or an organizational unit.

DECENTRALIZED MANAGEMENT
ACTIVE DIRECTORY SUPPORTS DECENTRALIZED MANAGEMENT:
You can assign permissions and grant user rights in very specific ways.

DELEGATING THE PERMISSIONS
DELEGATE THE ASSIGNING OF PERMISSIONS:
• For specific organizational units to different domain local groups.
• To modify specific attributes of an object in an organizational unit.
• To perform the same task, such as resetting passwords, in all organizational units of a domain.

ADMINISTRATIVE MMC SNAP-INS
• Active Directory Users and Computers
• Active Directory Domains and Trusts
• Active Directory Sites and Services
• Active Directory Schema

WINDOWS SERVER 2003
COMMAND-LINE ADMINISTRATIVE TOOLS:
• Dsrm
• Dsadd
• Dsmod
• Dsquery
• Dsmove
• Dsget
• CSVDE
• LDIFDE

EXAMINE ACTIVE DIRECTORY

TO VIEW THE ORGANIZATIONAL UNIT IN ACTIVE DIRECTORY

To view the OUs, select Active Directory Users and Computers.

Click your domain

This icon indicates an OU.

TO VIEW THE LOGICAL STRUCTURE OF ACTIVE DIRECTORY

To view the logical structure, click Active Directory Domains and Trusts.

Click Active Directory Domains and Trusts; it displays your domain.

Your domain is displayed here.

TO VIEW THE PHYSICAL STRUCTURE

To view the physical structure, click Active Directory Sites and Services.

Click Active Directory Sites and Services.

Expand the sites

Expand the default site, then click Servers; the server entry displays the computer name and domain name.

ACTIVE DIRECTORY DESIGNING
ACTIVE DIRECTORY DESIGN PROCESS:
The Active Directory design process includes the following tasks:
• Collecting organizational information.
• Analyzing organizational information.
• Analyzing design options.
• Selecting a design.
• Refining the design.

OUTPUT OF THE ACTIVE DIRECTORY DESIGN:
The output of the Active Directory design phase includes the following elements:
• The forest and domain design.
• The organizational unit design.
• The site design.

ACTIVE DIRECTORY PLANNING
ACTIVE DIRECTORY PLANNING PROCESS:
The Active Directory plan includes:
• Account strategy.
• Audit strategy.
• Organizational unit implementation plan.
• Group Policy plan.
• Site plan.
• Software deployment plan.
• Server placement plan.

ACTIVE DIRECTORY IMPLEMENTING
ACTIVE DIRECTORY IMPLEMENTATION PLAN:
The implementation process includes the following:
• Implement the forest, domain, and DNS structure.
• Create organizational units and security groups.
• Create user and computer accounts.
• Create Group Policy objects.
• Implement sites.
