
Presentation on Drive and Active Directory


Drive: drive.iteindia.in

Share and collaborate on documents, send and receive email, manage your calendar and have
video chats without data leaks.

As a fully on-premises solution, this drive provides the benefits of online collaboration without
the compliance and security risks.

It is the first completely integrated on-premises content collaboration platform on the market, ready for
a new generation of users who expect seamless online collaboration capabilities out of the box.

Customizable Front Page

You can customize the front page to your desired format.


The default dashboard looks like this. Here we can see a Folder button, Photos button,
Activity button, Mail button, Contacts button and Calendar button. By default we are on the Files
tab.

The tabs are shown at the top; we can monitor activities remotely and from an individual account as well.

• Monitor your drive activity by switching to the Activity tab.
• We can share uploaded documents by clicking the share icon; in the picture, a graphical pointer marks where to copy the shareable link.
• When we paste the shareable link into the browser's URL bar, it looks like this: you can either download the file or open it in ONLYOFFICE online.
• One of the best features available in this drive is versioning. Versioning keeps a record of files when they are modified. If you want to see or edit a previous version of a file, you can restore it by clicking the revert button on the right side of the file details.
• Another of the drive's best features is its delete feature: when we delete a file, it automatically goes into the Deleted files tab shown on the left side of the window. Basically, it acts as a recycle bin for the drive.
• You can manage files inside this tab by clicking the Actions buttons as shown below.
• Default mail client application view.
• You can connect your own deployed mail server to the drive.
• You can add your personal contacts without the interference of your administrator, for example your personal team, personal contacts, etc.
• You can sync your files and upload documents from your mobile device application, desktop application, etc.

Active Directory Data Structure and Storage Architecture
Active Directory Domains and Forests
Domains partition the directory into smaller sections within a single forest. This partitioning results in more
control over how data is replicated so that an efficient replication topology can be established and network
bandwidth is not wasted by replicating data where it is not required. OUs make it possible to group
resources in a domain for management purposes, such as applying Group Policy or delegating control to
administrators.
DNS Support for Active Directory

Active Directory uses DNS as its domain controller location mechanism. When any of the
principal Active Directory operations, such as authentication, updating, or searching, is
performed, domain joined computers use DNS to locate Active Directory domain controllers,
and these domain controllers use DNS to locate each other. For example, when a network user
with an Active Directory user account logs on to an Active Directory domain, the user’s
computer uses DNS to locate a domain controller for the Active Directory domain to which
the user wants to log on.
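
The lookup described above can be checked from any domain-joined Windows host. The following is an added example, not part of the original presentation; the domain name corp.example.com is a placeholder. It lists the domain controllers that DNS advertises and flags records whose target no longer resolves or no longer answers on the LDAP port, which is how stale locator records show up.

```powershell
# Added example: audit the DNS records clients use to locate domain controllers.
# 'corp.example.com' is a placeholder domain name (assumption).
function Test-DcLocatorRecords {
    param([string]$Domain = 'corp.example.com')

    # Domain controllers register SRV records under the _msdcs subdomain;
    # clients query this name to find a DC for the domain.
    $srvName = "_ldap._tcp.dc._msdcs.$Domain"
    $records = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }

    foreach ($r in $records) {
        # Does the advertised host name still resolve to an address?
        $addr = Resolve-DnsName -Name $r.NameTarget -Type A -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' }

        # Only probe the LDAP port when the name resolves.
        $ldapOk = $false
        if ($addr) {
            $ldapOk = (Test-NetConnection -ComputerName $r.NameTarget -Port $r.Port `
                -WarningAction SilentlyContinue).TcpTestSucceeded
        }

        [pscustomobject]@{
            DomainController = $r.NameTarget
            Port             = $r.Port
            Priority         = $r.Priority
            Weight           = $r.Weight
            Resolves         = [bool]$addr
            LdapReachable    = $ldapOk
        }
    }
}

Test-DcLocatorRecords | Format-Table -AutoSize
```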
• Your AD server looks like this:
Introducing AD LDS
For organizations that require flexible support for directory-enabled applications, Microsoft
has developed Active Directory Lightweight Directory Services (AD LDS). AD LDS is a
Lightweight Directory Access Protocol (LDAP) directory service.

AD LDS provides data storage and retrieval for directory-enabled applications, without the
dependencies that are required for Active Directory Domain Services (AD DS). AD LDS
provides much of the same functionality as AD DS, but it does not require the deployment of
domains or domain controllers. You can run multiple instances of AD LDS concurrently on a
single computer, with an independently managed schema for each AD LDS instance.
Active Directory Lightweight Directory Services

A directory-enabled application uses a directory, rather than (or in addition to) a database, flat file,
or other data storage structure, to hold its data. Many off-the-shelf applications, as well as many
custom applications, use a directory-enabled design. Examples of the types of applications that
often use a directory-enabled design include customer relationship management (CRM)
applications, human resource (HR) applications, and global address book applications.

Directory services (such as AD LDS) and relational databases both provide data storage and
retrieval, but they differ in their optimization. Directory services are optimized for read processing,
while relational databases are optimized for transaction processing. In general, consider
implementing a directory service if your application reads data more frequently than it writes data.
Consider implementing a relational database if your application writes or modifies data more
frequently than it reads data.
Privileged access management
Privileged access management (PAM) helps mitigate security risks to AD environments that
are caused by credential theft techniques such as pass-the-hash, spear phishing, and similar
types of attacks.

In simple terms, it is a new method of administrative access that is configured using
Microsoft Identity Manager (MIM). MIM creates a new AD forest
that is isolated for the use of privileged accounts only. This provides workflows to grant
additional administrative privileges with an approval, and shadow security principals
(groups) that are provisioned in the bastion forest by MIM in response to administrative
privilege requests on the live domain.
Group membership expiration

Active Directory 2016 supports group membership expiration: you can add a user to
a group for a certain period of time. On pre-Windows Server 2016 systems, third-party tools have
been used to achieve this. It is a handy solution for many applications, because
you can provide administrator privileges only for the time needed to do a high-privilege
task.
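
A time-limited membership as described above, shown with the Active Directory module for Windows PowerShell. This is an added example, not part of the original presentation; the group name, user name and two-hour lifetime are hypothetical. It also audits the group afterwards, separating permanent members from time-bound ones.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT) and a forest at the
# Windows Server 2016 functional level. Group and user names are hypothetical.
Import-Module ActiveDirectory

$group = 'Server-Maintenance'      # hypothetical privileged group
$user  = 'jdoe'                    # hypothetical account needing temporary rights
$ttl   = New-TimeSpan -Hours 2     # how long the membership should last

# Time-bound membership depends on the PAM optional feature. Enabling it is
# forest-wide and cannot be undone, so this script only checks for it:
#   Enable-ADOptionalFeature 'Privileged Access Management Feature' `
#       -Scope ForestOrConfigurationSet -Target (Get-ADForest).Name
$pam = Get-ADOptionalFeature -Identity 'Privileged Access Management Feature'
if (-not $pam.EnabledScopes) {
    throw 'Privileged Access Management Feature is not enabled in this forest.'
}

# Add the member with an expiry; the directory removes the link when the TTL runs out.
Add-ADGroupMember -Identity $group -Members $user -MemberTimeToLive $ttl

# Audit: with -ShowMemberTimeToLive, time-bound members are returned as
# "<TTL=seconds,distinguishedName>"; members without a TTL are permanent.
$members = (Get-ADGroup -Identity $group -Properties member -ShowMemberTimeToLive).member
foreach ($m in $members) {
    if ($m -match '^<TTL=(\d+),(.+)>$') {
        [pscustomobject]@{
            Member    = $Matches[2]
            Permanent = $false
            ExpiresIn = [timespan]::FromSeconds([int]$Matches[1])
        }
    } else {
        [pscustomobject]@{ Member = $m; Permanent = $true; ExpiresIn = $null }
    }
}
```

Permanent entries in a privileged group are the ones to review first, since they are not subject to any expiry.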
Active Directory Administrative Center Fine-Grained Password Policy

The Fine-Grained Password Policy (FGPP) allows administrators to configure multiple password
and account lockout policies per domain. This gives domains a flexible solution to enforce
more or less restrictive password rules, based on users and groups. It had no managerial
interface and required administrators to configure it using Ldp.exe or Adsiedit.msc. Windows
Server 2008 R2 introduced the Active Directory module for Windows PowerShell, which
granted administrators a command-line interface to FGPP.
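
The command-line interface mentioned above, as an added example that is not part of the original presentation. It creates a stricter policy for privileged accounts, applies it to a group, and confirms which policy a user actually receives. The policy name, group name, user name and all setting values are constructed for illustration.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT).
# Names and values below are hypothetical; adjust them to your own standard.
Import-Module ActiveDirectory

$policyName = 'PSO-PrivilegedAdmins'   # hypothetical policy name
$group      = 'Tier0-Admins'           # hypothetical global security group
$user       = 'adm-jdoe'               # hypothetical member of that group

# A lower Precedence value wins when several policies apply to the same user.
New-ADFineGrainedPasswordPolicy -Name $policyName -Precedence 10 `
    -MinPasswordLength 16 -ComplexityEnabled $true -PasswordHistoryCount 24 `
    -MinPasswordAge (New-TimeSpan -Days 1) -MaxPasswordAge (New-TimeSpan -Days 60) `
    -LockoutThreshold 5 -LockoutObservationWindow (New-TimeSpan -Minutes 30) `
    -LockoutDuration (New-TimeSpan -Minutes 30) -ReversibleEncryptionEnabled $false

# Fine-grained policies attach to users and global security groups, not to OUs.
Add-ADFineGrainedPasswordPolicySubject -Identity $policyName -Subjects $group

# Verify the result for one account. No output object means that no
# fine-grained policy applies and the default domain policy is in effect.
$effective = Get-ADUserResultantPasswordPolicy -Identity $user
if ($null -eq $effective) {
    "$user falls back to the default domain password policy"
} else {
    $effective | Select-Object Name, Precedence, MinPasswordLength, LockoutThreshold
}

# Review every fine-grained policy in the domain and what it is applied to.
Get-ADFineGrainedPasswordPolicy -Filter * |
    Sort-Object Precedence |
    Select-Object Name, Precedence, MinPasswordLength, AppliesTo
```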
