* Most common directory service standards: X.500 and Lightweight Directory Access Protocol (LDAP)
* X.500: Uses a hierarchical structure, creates the Directory Information Tree (DIT). Each object has a unique “Distinguished Name”
* LDAP: Industry standard, slimmed-down version of X.500 modified to run over TCP/IP networks.
Active Directory
* Used in Windows 2000, Server 2003 and Server 2008
* Introduced new Functional and Security Levels
* KCC (Knowledge Consistency Checker): An internal Active Directory process
Benefits
* Centralized resource and security administration
* Single Logon for access
* Fault Tolerance and redundancy
* Simplified resource location
* Scalability
Active Directory Domain Service (AD DS)
* Provides full-fledged directory service
* Hierarchical Org structure
* Multimaster Authentication
* Single Point of access for networks
* External network trust
Active Directory Lightweight Directory Service (AD LDS)
* Provides a lightweight, flexible directory platform
* Used when you don’t have a full blown overhead
Domain Controller
* Server that stores the AD database and authenticates users with the network during logon
* Stores the database in the file called ntds.dit
* Information automatically replicated between domain controllers (inbound/outbound)
Forest Root Domain
* First Domain created in the FOREST
* Inside the Root Domain, the First Root Domain Controller is created.
Netdom
* Used to remove or manage trusts
Cross-Forest Trust
* Available with Windows
* Transitive by nature
* Can be configured as either one or two way
Shortcut Trust
* Uses a “Trust Path”
* Can create a “Short Circuit” Direct path between two domains
Two-way transitive trust
* Automatically set up when installed… A-B.. A-C.. B-C
External Trust
* Similar to Shortcut Trust
* One-way, NON-TRANSITIVE TRUST
* Users on other end of path cannot