Active Directory Fundamentals - PowerPoint PPT Presentation

Slides: 39
Provided by: downloadM

Transcript and Presenter's Notes

1
Active Directory Fundamentals
Thomas Lee, Chief Technologist, QA
thomas.lee_at_qa.com
2
What we will cover
  • Domain, Trees, Forests
  • Domain Controllers, Sites
  • The Domain Naming Service
  • Replication
  • Operations Masters
  • Lots of demos.

3
Prerequisite Knowledge
  • Understanding of what a directory service is

Level 200
4
Agenda
  • Active Directory Logical Concepts
  • Active Directory Physical Concepts
  • DNS
  • Replication
  • Operations Masters

5
Active Directory Logical Concepts: Domains
  • Boundary of Security
      • NOT!!!
  • Boundary of Authentication
  • Boundary of Replication
      • Domain NC Replication
  • Boundary of DNS Namespace
  • Boundary of Administration

Diagram: KAPOHO.NET
6
Active Directory Logical Concepts: Trees
  • Hierarchy of Domains forming a contiguous
    namespace
  • Transitive Trust Relationships
  • All Domains in a Tree share
      • Schema
      • Configuration
      • Global Catalog

Diagram: KAPOHO.NET, HAWAII.KAPOHO.NET, EUROPE.KAPOHO.NET, MAUI.HAWAII.KAPOHO.NET
7
Active Directory Logical Concepts: Forests
  • Hierarchy of Domains forming a contiguous or
    disjoint namespace
  • Transitive Trust Relationships
  • All Domains in a Forest share
      • Schema
      • Configuration
      • Global Catalog

Diagram: KAPOHO.NET, PSP.CO.UK, HAWAII.KAPOHO.NET
8
Active Directory Logical Concepts: Organizational Units
  • Containers within Domains
  • Distinct Units of Administration
  • Unique to Domains

9
Agenda
  • Active Directory Logical Concepts
  • Active Directory Physical Concepts
  • DNS
  • Replication
  • Operations Masters

10
Active Directory Physical Concepts: Domain Controllers

Diagram labels: Primary Domain Controller (PDC), Domain Controllers (DC), Backup Domain Controller (BDC)
11
Active Directory Physical Concepts: Sites
  • What is a Site?
      • A set of well-connected IP subnets
  • Site Usage
      • Locating Services (e.g. Logon, DFS)
      • Replication
      • Group Policy Application
  • Sites are connected with Site Links
      • Connects two or more sites

12
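Active Directory Physical Concepts: Site Topology

Diagram: Site A, Site B and Site C, each containing domain controllers, some of which are Global Catalogs. Legend: DC = Domain Controller, GC = Global Catalog. Domains shown: Company.com, europe.company.com, america.company.com.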
13
Active Directory Physical Concepts: Global Catalog
  • Partial Replica of all Objects in the Forest
  • Configurable subset of Attributes
  • Fast Forest-wide searches
  • Required at Logon for Universal Group Membership

14
Agenda
  • Active Directory Logical Concepts
  • Active Directory Physical Concepts
  • DNS
  • Replication
  • Operations Masters

15
DNS: DNS
  • SRV Records to locate services (required)
  • DDNS for Dynamic Update (desired)
  • Windows 2000 and up, DNS also provides
      • Incremental Zone Transfer
      • Active Directory Integrated
          • Single replication topology
          • Multi-master replication
      • Secure Dynamic update

Tip: Use the latest version of BIND!
16
DNS: DNS Implementations
  • No existing DNS infrastructure
      • Deploy Microsoft DNS
  • Existing DNS meets requirements
  • Existing DNS not adequate
      • Choice 1: Update Server
      • Choice 2: Migrate to Microsoft DNS
      • Choice 3: Delegate a subdomain to Microsoft DNS

17
Agenda
  • Active Directory Logical Concepts
  • Active Directory Physical Concepts
  • DNS
  • Replication
  • Operations Masters

18
Replication: Replication Details
  • Naming Contexts that are replicated
      • Schema Naming Context
      • Configuration Naming Context
      • Domain Naming Context
  • Multi-Master Replication
  • Intra-site Bi-directional Ring Topology
  • Inter-site Spanning Tree Topology
  • Synchronous RPC over TCP/IP
  • Asynchronous SMTP

19
Replication: Naming Contexts
  • Schema
      • Definitions of attributes
      • Replicated to all DCs in the forest
  • Configuration
      • AD Structure (domains, sites, and where the DCs
        are)
      • Replicated to all DCs in the forest
  • Domain
      • Domain specific objects (users, groups,
        computers, and OUs)
      • Replicated to all DCs in its domain

20
Replication: Replication Topologies
  • Intra-Site Replication: AD replication between
    DCs within a Site
  • Inter-site Replication: AD replication between
    Sites

21
Replication: Intra-Site Replication
  • RPC Replication in a Site
  • No compression
  • Assumes good network connections
  • Uses notification process
      • 5 minutes in Windows 2000
      • Less in Windows Server 2003
  • KCC generates a bi-directional ring with extra
    edges

Tip: Always let KCC generate the intra-site
replication topology when possible
22
Replication: Inter-Site Replication
  • Replication between Sites
  • DS-RPC (RPC over IP) or SMTP Transports
  • SMTP can be used only between
      • GCs across Sites
      • DCs of different domains and in different sites
  • Compression
      • 10-20% of original size
  • Scheduled

23
Replication: Site-Links, Bridges and Bridgehead Servers
  • Site Links link two or more sites
      • Cost and schedules can be specified
      • Transitive (can be disabled)
  • Site-Link Bridges
      • Bridge two or more site links
  • Bridgehead servers
  • KCC generates a minimum cost spanning tree

Tip: Always let KCC generate the replication
topology
24
Agenda
  • Active Directory Logical Concepts
  • Active Directory Physical Concepts
  • DNS
  • Replication
  • Operations Masters

25
Operations Masters: Schema and Domain
  • Schema
      • Performs updates to schema
      • Sends updates to all DCs
      • One per forest
      • Default is the first DC installed
  • Domain
      • Performs add/remove of domains and
        cross-references to external DS
      • One per forest
      • Default is the first DC installed

26
Operations Masters: PDC, RID and Infrastructure
  • Primary Domain Controller (PDC)
      • Acts as a PDC for requests from NT clients
      • One per domain
  • Relative Identifier (RID)
      • Generates pools of security identifiers to be
        distributed to DCs in the domain
      • One per domain
  • Infrastructure
      • Updates SIDs and domains that are moved in and
        out of the domain

27
Summary
  • There are Logical and Physical concepts
  • DNS
  • Plenty of Information

28
For More Information
  • Main TechNet Web site at www.microsoft.com/technet
  • Additional resources to support this Session page
    can be found at www.microsoft.com/technet/tnt1-98
29
MS Press: Inside information for IT Professionals
To find the latest IT Professional related titles,
visit www.microsoft.com/learning/it/books
30
Third Party Publications: Supplementary
Publications for IT Pros
These books can be found and purchased at all
good book stores and on-line retailers
31
Microsoft Learning: Training Resources for IT
Professionals
  • Planning, Implementing, and Maintaining a
    Microsoft Windows Server 2003 Active Directory
    Infrastructure
  • Course Number: 2279
  • Availability: Now
  • Detailed Syllabus: www.microsoft.com/learning

To locate a training provider, please
access www.microsoft.com/learning. Microsoft
Certified Technical Education Centers are
Microsoft's premier partners for training
services.
32
Assess your Readiness: Microsoft Skills Assessment
  • What is Microsoft Skills Assessment?
  • Self-study learning tool to evaluate readiness
    for product and technology solutions, instead of
    job-roles (certification)
  • Windows Server 2003, Exchange Server 2003,
    Windows Storage Server 2003, Visual Studio .NET,
    Office 2003
  • Free, online, unproctored, and available to
    anyone
  • Answers, "Am I ready?"
  • Determines skills gaps, provides learning plans
    with Microsoft Official Curriculum courses, plus
    more Microsoft learning content suggestions such
    as TechNet resources
  • Post your High Score to see how you stack up
  • Visit http://www.microsoft.com/assessment

33
Become a Microsoft Certified Systems
Administrator (MCSA)
  • What is the MCSA certification?
  • For IT professionals who manage and maintain
    networks and systems based on the Microsoft
    Windows Server operating system
  • How do I become an MCSA on Microsoft Windows
    2000?
  • Pass 3 core exams
  • Pass 1 elective exam or 2 CompTIA certifications
  • Where do I get more information?
  • For more information about certification
    requirements, exams, and training, visit
    www.microsoft.com/mcsa

34
Become A Microsoft Certified Systems Engineer
(MCSE)
  • What is the MCSE certification?
  • Premier certification for IT professionals who
    analyze the business requirements and design,
    plan, and implement the infrastructure for
    business solutions based on the Microsoft Windows
    Server System integrated server software.
  • How do I become an MCSE on Microsoft Windows
    2003?
  • Pass 6 core exams
  • Pass 1 elective exam from a comprehensive list
  • Where do I get more information?
  • For more information about certification
    requirements, exams, and training options, visit
    www.microsoft.com/mcse

35
Demonstrate Your Security or Messaging
Specialization
  • What are MCSA/MCSE specializations?
  • MCSA and MCSE specializations allow IT
    professionals to highlight specific expertise or
    technical focus within their job role.
  • What specializations are available?
  • MCSA Security, MCSA Messaging
  • MCSE Security, MCSE Messaging
  • Where do I get more information?
  • For more information about MCSA and MCSE
    specialization requirements, exams, and training
    options, visit www.microsoft.com/mcsa or
    www.microsoft.com/mcse

36
What is TechNet?
  • Put the right answers at your fingertips
  • TechNet is the comprehensive collection of
    resources to help IT implementers plan, deploy,
    and manage Microsoft products successfully
  • Monthly updates delivered on DVD or CD
  • The definitive resource to help you evaluate,
    deploy and maintain Microsoft products

TechNet Subscription
  • Accessible at www.microsoft.com/technet
  • Online resources and community
  • Subscriber-only Online Services

TechNet Web Site
  • Bi-weekly e-newsletter
  • Security updates, new resources, and special
    offers

TechNet Flash
  • Briefings on the latest Microsoft products and
    technologies
  • Hands-on, how-to information

TechNet Events and Web Casts
  • User Groups
  • Managed Newsgroups

TechNet Communities
37
Where Can I Get TechNet?
  • Visit TechNet Online at www.microsoft.com/technet
  • Register for the TechNet Flash
    www.microsoft.com/technet/subscriptions/flash.asp
  • Join the TechNet Online forum at
    www.microsoft.com/technet/itcommunity
  • Become a TechNet Subscriber at
    www.microsoft.com/technet/buynow/subscribe
  • Attend More TechNet Events or view on-line
    www.microsoft.com/technet/tcevents/itevents
