OpenFT V12.0 Installation and Administration (Windows Systems)
Windows Administration
description
Transcript of Windows Administration
![Page 1: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/1.jpg)
Windows Administration
Active Directory Domain Services
Borislav Varadinov
Telerik Software Academy
academy.telerik.com
System [email protected]
![Page 2: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/2.jpg)
Table of Contents Domains and Forests Objects Sites and Replication Operation Masters
2
![Page 3: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/3.jpg)
3
Active Directory Domains and Forests
![Page 4: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/4.jpg)
What is a Domain Controller?
Manages the Active Directory Objects and Database
Responds to security authentication requests
Replicates information from other domain controllers
Provides information for various network resources
Can be Writable or Read Only
4
User PassJohn P@sswOrdJane 12345
AD DB
OBJECT
![Page 5: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/5.jpg)
What is a Domain?
5
ADDB
ADDB
ADDB
Boundary of Replication Boundary of Administration Boundary of DNS Namespace
Replication
MyCorporation.local
![Page 6: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/6.jpg)
What is a Forest?
All Domains in a Forest share: Schema Configuration Global Catalog
The forest is also considered as a security boundary 6
BeraXo.local
USA.BeraXo.local
BeraXoConsultancy.org
![Page 7: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/7.jpg)
Schema Attributes
Username Description Location
Classes User Computer Contact
7
Username
Password
Address
User
Contact
Name
![Page 8: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/8.jpg)
Naming Contexts and Partitions Schema
Definitions of object classes and attributes Replicated to all DCs in the forest
Configuration AD Structure (domains, sites, etc.) Replicated to all DCs in the forest
Domain Domain specific objects (users, groups,
computers, and OUs) Replicated to all DCs in a domain
Application Partitions8
![Page 9: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/9.jpg)
Global Catalog Partial Replica of all Objects
in the Forest Configurable subset of Attributes Fast Forest-wide searches Required at Logon for Universal
Group Membership Win2k3 – Universal Group Caching
9
![Page 10: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/10.jpg)
Trusts
10
BeraXo.local
USA.BeraXo.local
PartnerCorp.local
External or Forest
Provides access to resources located on a domain in a separate forest
Trust options Direction Transitivity
Child
TypeParent/ChildExternalForestShortcutRealm
![Page 11: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/11.jpg)
Active Directory and DNS
The DNS Service is an essential part of Active Directory Active Directory cannot work
without DNS Service (Even on a single server)
Active Directory and DNS share identical domain name
Domain Controller locator process rely on DNS
DNS Service can store its data in Active Directory 11
![Page 12: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/12.jpg)
Active Directory Integrated DNS Zone
SRV Records to locate services LDAP Kerberos Other
Active Directory-integrated DNS DDNS for Dynamic Update Single replication topology Multi-master replication Secure Dynamic update
12
![Page 13: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/13.jpg)
Protocols and Technologies
LDAP Kerberos NTLM RPC DNS
13
DSA
LDAP
NTLM KerberosDNS
RPC
Replication
Windows OS
Extensible Storage Engine
![Page 14: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/14.jpg)
Active Directory Objects
![Page 15: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/15.jpg)
Domain Users
15
John
![Page 16: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/16.jpg)
Domain Groups Type
Security Distribution
Scope Domain Local Global Universal
16
HR Department
John Bill Kelly
![Page 17: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/17.jpg)
Domain Computers
17
![Page 18: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/18.jpg)
Organizational Units Containers within
Domains Organizes users,
groups and other objects
Represents departments or geographic regions
Main uses: Organization Delegation Policies
18
Users
SalesIT
![Page 19: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/19.jpg)
Domain Security Principles Users
Groups Computers Built-in Security Groups
Administrators Backup Operators Users Power Users Print Operators
19
![Page 20: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/20.jpg)
Active Directory Sites and Replication
![Page 21: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/21.jpg)
Active Directory Sites What is a Site?
A set of well-connected IP subnets Site Usage
Locating Services Replication Group Policy Application
Sites are connected with Site Links Connects two or more sites
21
![Page 22: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/22.jpg)
Site Usage (Location Services)
22
![Page 23: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/23.jpg)
Site Usage (Replication)
23
![Page 24: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/24.jpg)
Multi-Master Replication
Conflict resolution Operation Masters
24
![Page 25: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/25.jpg)
Operation Master
![Page 26: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/26.jpg)
Operation Master What is an Operation Master? Why we need Operation Masters?
26
![Page 27: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/27.jpg)
Operation Masters Forest-Wide
Schema Master Domain Naming Master
Domain-Wide Primary Domain Controller (PDC) Relative Identifier (RID) Infrastructure Master
27
![Page 28: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/28.jpg)
Schema Master Performs updates to schema Sends updates to all DCs One per forest Default is the first DC installed
28
![Page 29: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/29.jpg)
Domain Naming Master Performs add/remove of domains and cross-references to external DS
One per forest Default is the first DC installed
29
![Page 30: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/30.jpg)
Install Active Directory Dcpromo DNS Management Tools
30
![Page 31: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/31.jpg)
форум програмиране, форум уеб дизайнкурсове и уроци по програмиране, уеб дизайн – безплатно
програмиране за деца – безплатни курсове и уроцибезплатен SEO курс - оптимизация за търсачки
уроци по уеб дизайн, HTML, CSS, JavaScript, Photoshop
уроци по програмиране и уеб дизайн за ученициASP.NET MVC курс – HTML, SQL, C#, .NET, ASP.NET MVC
безплатен курс "Разработка на софтуер в cloud среда"
BG Coder - онлайн състезателна система - online judge
курсове и уроци по програмиране, книги – безплатно от Наков
безплатен курс "Качествен програмен код"
алго академия – състезателно програмиране, състезанияASP.NET курс - уеб програмиране, бази данни, C#, .NET, ASP.NET
курсове и уроци по програмиране – Телерик академия
курс мобилни приложения с iPhone, Android, WP7, PhoneGapfree C# book, безплатна книга C#, книга Java, книга C# Дончо Минков - сайт за програмиране
Николай Костов - блог за програмиранеC# курс, програмиране, безплатно
?? ? ?
??? ?
?
? ?
??
?
?
? ?
Questions?
?
Active Directory Domain Services
http://academy.telerik.com
![Page 32: Windows Administration](https://reader035.fdocuments.in/reader035/viewer/2022062501/5681638d550346895dd4837a/html5/thumbnails/32.jpg)
Free Trainings @ Telerik Academy
"Web Design with HTML 5, CSS 3 and JavaScript" course @ Telerik Academy html5course.telerik.com
Telerik Software Academy academy.telerik.com
Telerik Academy @ Facebook facebook.com/TelerikAcademy
Telerik Software Academy Forums forums.academy.telerik.com