ACTIVE DIRECTORY

Active Directory is a Directory Service which Contains Information of All User Accounts and Shared Recourses on a Network.

Active Directory is a Centralized Hierarchical Directory Database

ACTIVE DIRECTORY

What Is Active Directory?

Directory service functionalityDirectory service functionality

OrganizeManageControl

OrganizeManageControl

Centralized managementCentralized management

Single point of administrationSingle point of administration

Active DirectoryActive Directory

ResourcesResources

1.Provide User Logon and Authentication Services

2.To organize and manage:

User Accounts

Computers

Groups and

Network Resources

3 Enables authorized Users to easily locate:

Network Resources

PURPOSE OF ACTIVE DIRECTORY

1.Fully Integrated Security

2.Easy Administration using Group Policy

3.Scalable to any Size Network

4.Flexible

1.Rename Computer Name and Domain Names

2.Cross-Forest Trust Relationship

3.Site-To-Site Replication is Faster

4.Active Directory Application Mode (ADAM)

FEATURES OF ACTIVE DIRECTORY

NEW FEATURES IN ACTIVE DIRECTORY 2003

How Directory Service Evolved

Server (Directory System Agent)

Directory Info Base

Directory Info Tree

Backup Server

Client (Directory User Agent)

DAPDOP

Directory OrganizationManagement Protocol

Earlier we had no DATABASE Standard

So ITU & ISO introduced X.500

DAP Directory Access Protocol is based on OSI Layers

LDAP Lightweight Directory Access Protocol based on TCP/IP Layer

DAP was introduced in BANYAN VINESIt named the Database as STREET TALK

LDAP was first Introduced in NOVELL Novell named it NDS ( Network Directory Services

Logical Structure of Active Directory

FOREST

TREE Parent/Root Child/Branch

Domains: Trees, Forests, Trusts, and OutsActive Directory is made up of one or more domains. Creating the initial domain controller in a network also creates the domain—you cannot have a domain without at least one domain controller. Each domain in the directory is identified by a DNS domain name. You use the Active Directory Domains and Trusts tool to manage domains.

Domains: Trees, Forests

Active Directory is made up of one or more domains.

Creating the initial domain controller in a network also creates the domain—you cannot have a domain without at least one domain controller.

Each domain in the directory is identified by a DNS domain name.

You use the Active Directory Domains and Trusts tool to manage domains.

• In the Windows 2003 operating system, a tree is a set of one or more domains with contiguous names.

• If more than one domain exists, you can combine the multiple domains into hierarchical tree structures.

• The first domain created is the root domain of the first tree.

• Additional domains in the same domain tree are child domains.

• A domain immediately above another domain in the same domain tree is its parent.

TREE

TREE

• Multiple domain trees within a single forest do not form a contiguous namespace; that is, they have noncontiguous DNS domain names.

• Although trees in a forest do not share a namespace, a forest does have a single root domain, called the forest root domain.

• The forest root domain is, by definition, the first domain created in the forest.

• The two forest-wide predefined groups—Enterprise administrators and Schema administrators—reside in this domain.

FOREST

(Forest/Tree Root)

CISCO.COM MCSE.COM

(Tree Root)

Tree

Forest

CCNA.CISCO.COM

(Child Domain)

Tree

FOREST

Physical Components of Active Directory

Domain Controllers

Sites

zoom.com

India USA

WAN Link

Sites

Subnets are associated with sites

A site can span multiple domains

A domain can Span multiple sites