1 / 13

Microsoft Active Directory Overview

Microsoft Active Directory Overview. 2001/11/06 李宣鋒. Outline. Four Major Components of Windows 2000 Network Three Building Blocks of Active Directory Global Catalog FSMO Groups. Four Major Components of Windows 2000 Network. 1. Domains.

helga
Télécharger la présentation

Microsoft Active Directory Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft Active Directory Overview 2001/11/06 李宣鋒

  2. Outline • Four Major Components of Windows 2000 Network • Three Building Blocks of Active Directory • Global Catalog • FSMO • Groups

  3. Four Major Components of Windows 2000 Network

  4. 1. Domains • X.500-based hierarchical structure of containers and objects • DNS domain name as unique identifier • Security boundary • account • domain trusts • Policies • users • machines

  5. 2. Domain Trees mycorp.com finance.mycorp.com sales.mycorp.com mktg.mycorp.com pre.sales.mycorp.com post.sales.mycorp.com

  6. 3. Forests • Forests are named after the first domain tree that they contain • Forest Root Domain • has special properties • if deleted, the forest would be irretrievably destroyed

  7. 4. Organizational Units • Organizational Units have domainlike properties, whereas Container do not. • Security boundary • There is no option to create a Container • Just use Organizational Units

  8. Three Building Blocks of Active Directory Naming Contexts  Parts • Domain Naming Contexts • users, groups, and Organizational Units for a domain • Configuration Naming Contexts • physical site layout • structure of trees in the forest • services • Schema Naming Contexts • object definitions

  9. Global Catalog • Used to help in rapidly responding to searches • Forest wide • Hold a selection of object properties • Query comes  GC  Active Directory

  10. FSMO • Flexible Single Master Operation • Multiple DCs potentially make conflicting changes • FSMO role owner • NTDSUTIL

  11. FSMO (cont.) • Schema Master (enterprise-wide) • Allow changes to Schema • Domain Naming Master (enterprise-wide) • Control changes to namespace • PDC Advertiser (domain-wide) • Backward compatibility with NT • RID Master (domain-wide) • Make sure all SIDs are unique RID value • Infrastructure Master (domain-wide) • Maintain references to objects in other domains

  12. Groups • Domain local (domain-wide) • Domain global (domain-wide) • Universal (forest-wide) • Each type of group can have two scopes • Distribution group: like mailing-list • Security group: ACLs

  13. Reference • “Windows 2000 Active Directory” by Alistair G. Lowe-Norris, O’REILLY

More Related