Microsoft Active Directory

        An Overview
What is Active Directory?

- Microsoft's new directory service
- Called: ADS, NTDS
- Successor to LAN Manager domains
- Goals
  • Open standards
  • High scalability
  • Simplified administration
  • Compatibility with existing Windows NT systems and applications
Open Standards

- LDAP
  • Low-level API to Active Directory
- X.500
  • Active Directory structure
  • Not fully standard-compliant
- DNS
  • Resource location
  • Extensions, e.g. "Dynamic DNS"
- Kerberos
  • Authentication
Active Directory Structure

- Hierarchical
- Base object: Domain

[Diagram: a Forest containing Trees; each Tree contains Domains; Domains contain (nested) OUs; OUs contain Objects]
Which objects does Active Directory contain?

- "Old friends"
  • User
  • Group
  • Computer
- New elements
  • Distribution lists
  • System policies
- Application-defined custom objects
- Described in the Schema
What is the Schema?

- Definition of all AD
  • Object types (classes)
  • Attributes
  • Data types (syntaxes)
- Can be compared to a database schema
- ONE consistent schema inside a single forest
- Extensible
What is a Domain?

- AD base element (building block)
- NT 4 compatible
- Physically implemented on Domain Controllers (DC)
- Border for
  • Replication traffic
  • System policies
  • Administration

[Diagram: example domain Firma.de]
What is an Organizational Unit (OU)?

- Implements a structure inside a domain
- Can be nested as needed
- Cannot be assigned any rights
- Typically used for administrative reasons
  • e.g. system policies

[Diagram: OUs "LA" and "New York", each containing "Admin" and "Sales" sub-OUs]
What is a Tree?

- Hierarchical domain structure inside a single namespace
  • adiscon.com
  • la.adiscon.com
  • ny.adiscon.com
- Transitive trusts created automatically
- A sub-domain must be added to the root domain, otherwise there will be no tree!

[Diagram: tree with root adiscon.com and child domains la.adiscon.com and ny.adiscon.com]
What is a Forest?

- Combination of trees
- Disjoint namespaces
  • adiscon.de
  • adiscon.com
- Transitive trusts created automatically
- There is one single tree root!
- A sub-tree must be added to the root tree, otherwise no forest will be created
The Tree-Root

- First domain installed
- Single schema
- Absolutely vital!

[Diagram: the same Forest / Tree / Domain / OU / Objects hierarchy as on the "Active Directory Structure" slide]
Modeling the Physical Structure

- Not related to the logical structure
- Modeled via "Sites"
- A site is well connected via fast network links
- One site can home multiple domains
- One domain can spread across many sites
- The domain database is stored on Domain Controllers
Sample Site Structure

- Logical and physical structure are totally independent of each other!

[Diagram: domain Adiscon.com with two sites, "Site LA" and "Site New York"; sales.adiscon.com appears in both sites]
Which Role can a Server have?

- Member server
- Domain Controller
- Global Catalog
- FSMO
  • Special roles carried out by only a limited set of servers
  • e.g. PDC Emulator
  • e.g. Schema Master
What is a Domain Controller?

- Stores a physical copy of the Active Directory database
  • Currently a single domain per DC supported!
  • ESE95 database (MS Exchange)
- Logon services
  • Kerberos
  • LAN Manager authentication
- Recommendation: always have at least 2 Domain Controllers!
What is a Global Catalog Server?

- Answers AD search queries
- Must be present to log on successfully
- Holds a copy of all objects of the whole forest...
- ...but holds only a subset of the attributes
  • User-definable
- Recommendation: at least one GC per (larger) site
Multi-Master Replication

- Updates can be applied to ANY Domain Controller
- Will be replicated to each other Domain Controller (inside that domain) within 15 minutes
- Optimized algorithm reduces replication traffic
- Not time-based (triggered on demand only)!
Intra-Sites Replication

- All domain databases involved
- Changes are transmitted compressed via IP (RPC) or SMTP
  • SMTP not within a single domain!
- The time at which replication occurs can be configured
- The volume of replication traffic cannot be restricted!
- Keep an eye on GCs!
Mixed vs. Native Mode?

- Mixed mode supports coexistence with NT 4
  • Default
  • NT 4 BDCs continue to work
  • Enables a "fallback scenario" during migration
- Only native mode supports all AD features
  • More than 40 MB domain database size
  • Mostly problem-free "MoveTree"
  • Universal groups, group nesting
- Once you have switched to native mode, there is no way back to mixed mode!
Are there still Trusts available?

- Old-fashioned NT 4 trusts can still be used
  • Work like always
  • No additional functionality
- Must be used to connect different forests
  • Be careful: no common Global Catalog!
- Shortcut trusts
  • Connect frequently used domains to each other (performance optimization)
Shortcut-Trusts

- Domain A users frequently access Domain B's resources
- No change in logical structure

[Diagram: the Forest / Tree / Domain / OU / Objects hierarchy with a shortcut trust drawn between Domain A and Domain B]
Vital for AD: DNS!

- DNS is Active Directory's locator service
- Without correctly configured DNS there is no working Active Directory!
  • Currently the TOP 1 trouble spot
- Can be hosted on non-MS DNS
  • Minimum BIND version 8.1.2
  • No special characters in computer names
  • Not really an option
  • Recommendation: delegate a separate "AD zone" on the non-MS DNS and use MS-DNS for that zone; saves lots of trouble!
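Because the deck names DNS as the locator service and the number-one trouble spot, the check a practitioner wants is whether the SRV records a domain registers actually resolve, especially on a non-MS server that only delegates the AD zone. Added example, not from the deck: a PowerShell function (DnsClient module assumed, Windows 8 / Server 2012 or later) that queries the locator records for a domain and confirms each target host has an address record; the record names are the ones Netlogon registers, the domain name adiscon.com is taken from the slides.

```powershell
# Added example, not part of the original deck.
# Verifies the SRV records Active Directory relies on for its locator service.
function Test-AdLocatorRecords {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Domain,   # e.g. adiscon.com
        [string]$Forest = $Domain,                # forest root; the GC record lives there
        [string]$Server                           # DNS server to ask; default resolver if omitted
    )

    # Names registered by the Netlogon service. The _msdcs subtree is the part the
    # deck recommends delegating to MS-DNS when the main zone lives elsewhere.
    $names = @(
        "_ldap._tcp.$Domain",
        "_ldap._tcp.dc._msdcs.$Domain",
        "_ldap._tcp.pdc._msdcs.$Domain",
        "_ldap._tcp.gc._msdcs.$Forest",
        "_kerberos._tcp.dc._msdcs.$Domain",
        "_kerberos._tcp.$Domain",
        "_kpasswd._tcp.$Domain"
    )

    $common = @{ ErrorAction = 'SilentlyContinue' }
    if ($Server) { $common.Server = $Server }

    foreach ($name in $names) {
        $srv = Resolve-DnsName -Name $name -Type SRV @common | Where-Object Type -eq 'SRV'
        if (-not $srv) {
            [pscustomobject]@{ Record = $name; Status = 'MISSING'; Target = $null; Port = $null }
            continue
        }
        foreach ($r in $srv) {
            # A locator record whose target has no A record is as useless as a missing one.
            $addr = Resolve-DnsName -Name $r.NameTarget -Type A @common | Where-Object Type -eq 'A'
            [pscustomobject]@{
                Record = $name
                Status = if ($addr) { 'OK' } else { 'TARGET UNRESOLVED' }
                Target = $r.NameTarget
                Port   = $r.Port
            }
        }
    }
}

# Run against the default resolver; add -Server to test the delegating non-MS DNS directly.
Test-AdLocatorRecords -Domain 'adiscon.com' | Format-Table -AutoSize
```

Any row other than OK means clients in that DNS view cannot locate a DC, GC or KDC, which matches the deck's warning that a broken DNS setup breaks logon before anything else.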
Who is using Active Directory?

- Windows 2000
  • Authentication
  • System policies
- Directory-enabled applications
  • Please do not overlook them when planning your AD!
What are Directory-Enabled Applications?

- Applications directly using and accessing the Active Directory
  • e.g. Exchange 2000
  • Many more expected!
- Typically extend the schema
- May dramatically change the usage pattern for Active Directory resources
  • Replication traffic (new objects, attributes)
  • AD queries (GCs!)
Active Directory Security

- Improved authentication
- Permissions applied via ACLs
  • To objects as a whole
  • To specific attributes
- Fine-tuning of access permissions possible
- Tool support to visualize security settings currently weak (try Visio!)
What is Kerberos?

- "Age-old" Internet standard, mature
- Commonly used under Unix
- Secure authentication thanks to encryption
- Standard authentication model under Windows 2000
- Microsoft Kerberos not fully compatible with other Kerberos implementations
Delegation of Administration

- Admin rights can be delegated to users or groups
  • NOT to OUs!
- Delegation via wizards
- Currently an "admin nightmare": very hard to detect who has rights
  • All objects must be viewed separately and manually
  • Currently no good tools, but expected to be available in the future
  • Microsoft itself also plans to provide additional tools
Inheritance in Active Directory

- From top to bottom
- Inheritance can only be blocked completely
  • No IRF (Inherited Rights Filter) like Novell
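The three slides above make one practical point: ACEs can target a whole object or a single attribute, delegated rights are hard to see because every object has to be inspected by hand, and inheritance can only be blocked wholesale. Added example, not from the deck: a PowerShell function (RSAT ActiveDirectory module and a domain-joined session assumed) that walks every OU, lists the non-inherited ACEs held by anyone outside an assumed list of default principals, resolves the attribute or extended-right GUID an ACE is scoped to, and flags OUs whose ACL blocks inheritance.

```powershell
# Added example, not part of the original deck.
Import-Module ActiveDirectory

# Map schema and extended-right GUIDs to names, so attribute-scoped ACEs read
# as "pwdLastSet" or "Reset Password" instead of a bare GUID.
$rootDse = Get-ADRootDSE
$guidMap = @{}
Get-ADObject -SearchBase $rootDse.schemaNamingContext -LDAPFilter '(schemaIDGUID=*)' `
    -Properties name, schemaIDGUID |
    ForEach-Object { $guidMap[[guid]$_.schemaIDGUID] = $_.name }
Get-ADObject -SearchBase "CN=Extended-Rights,$($rootDse.configurationNamingContext)" `
    -LDAPFilter '(rightsGuid=*)' -Properties name, rightsGuid |
    ForEach-Object { $guidMap[[guid]$_.rightsGuid] = $_.name }

# Assumed set of principals that hold rights on every OU by default; anything
# else with a non-inherited ACE is a delegation someone made. Pass -IncludeDefaults
# to see these too.
$defaultTrustees = @(
    'NT AUTHORITY\SYSTEM', 'NT AUTHORITY\SELF', 'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS',
    'BUILTIN\Administrators', 'BUILTIN\Pre-Windows 2000 Compatible Access'
)

function Get-OuDelegation {
    [CmdletBinding()]
    param(
        [string]$SearchBase = (Get-ADDomain).DistinguishedName,
        [switch]$IncludeDefaults
    )

    foreach ($ou in Get-ADOrganizationalUnit -Filter * -SearchBase $SearchBase) {
        $acl = Get-Acl -Path ("AD:\" + $ou.DistinguishedName)

        # An OU that blocks inheritance is worth a row of its own, even with no delegation.
        if ($acl.AreAccessRulesProtected) {
            [pscustomobject]@{
                OU = $ou.DistinguishedName; Trustee = '<inheritance blocked>'
                Type = $null; Rights = $null; AppliesTo = $null; Inheritance = $null
            }
        }

        foreach ($ace in $acl.Access) {
            # Inherited ACEs were granted higher up; report only what was set here.
            if ($ace.IsInherited) { continue }
            $who = $ace.IdentityReference.Value
            if (-not $IncludeDefaults) {
                if ($defaultTrustees -contains $who) { continue }
                if ($who -match '\\(Domain|Enterprise) Admins$') { continue }
            }

            # Empty ObjectType = the ACE covers the whole object; otherwise it is one
            # attribute, property set or extended right.
            $scope = if ($ace.ObjectType -eq [guid]::Empty) { '<whole object>' }
                     elseif ($guidMap.ContainsKey($ace.ObjectType)) { $guidMap[$ace.ObjectType] }
                     else { $ace.ObjectType.ToString() }

            [pscustomobject]@{
                OU          = $ou.DistinguishedName
                Trustee     = $who
                Type        = $ace.AccessControlType
                Rights      = $ace.ActiveDirectoryRights
                AppliesTo   = $scope
                Inheritance = $ace.InheritanceType
            }
        }
    }
}

Get-OuDelegation | Sort-Object OU, Trustee | Format-Table -AutoSize
```

Review the output for Allow ACEs with GenericAll, WriteDacl, WriteOwner or attribute-scoped rights such as a password reset on OUs that hold privileged accounts, and for OUs marked as blocking inheritance, which no longer receive rights set at the domain level.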
Groups

- Basically, like under NT 4
  • Local groups are assigned permissions
  • Global groups contain users
    - From a single domain
    - Global groups are members in local groups for permission assignment
- New: universal groups
  • Can be used everywhere in every domain (permissions, members)
  • Implemented via GC
    - Replication traffic limits usability
Active Directory Problem Spots

- DNS dependency
- No "merge tree"
- No partitioning (only a single domain per Domain Controller)
- Limited tool support
- Forest-global schema
- Schema modifications cannot be undone
- Issues will be addressed over time by Microsoft (keep in mind AD is version 1.0!)
Importance of AD for Microsoft's Strategy

- Most important product
- All new Microsoft products need, or at least work better with, Active Directory
  • Exchange 2000
  • SQL Server 2000
  • ...
- Bill Gates: "We have bet Microsoft on Active Directory."
Questions?

- rgerhards@adiscon.com
- www.windows-expert.net
