Components of an Active Directory infrastructure
1. Active Directory Data Store:
As mentioned in the previous section, AD DS stores its identities in the directory—a data store hosted on domain controllers. The directory is a single file named Ntds.dit and is located by default in the %SystemRoot%\Ntds folder on a domain controller. The database is divided into several partitions, including the schema, configuration, global catalog, and the domain naming context that contains the data about objects within a domain—the users, groups, and computers, for example.

2. Domain Controller:
Domain controllers, also referred to as DCs, are servers that perform the AD DS role. As part of that role, they also run the Kerberos Key Distribution services.

3. Domain:
One or more domain controllers are required to create an Active Directory domain. A domain is an administrative unit within which certain capabilities and characteristics are shared. First, all domain controllers replicate the domain’s partition of the data store, which contains among other things the identity data for the domain’s users, groups, and computers.

4. Forest:
A forest is a collection of one or more Active Directory domains. The first domain installed in a forest is called the forest root domain. A forest contains a single definition of network configuration and a single instance of the directory schema. A forest is a single instance of the directory—no data is replicated by Active Directory outside the boundaries of the forest. Therefore, the forest defines a security boundary. Chapter 12 will explore the concept of the forest further.

5. Tree:
The DNS namespace of domains in a forest creates trees within the forest. If a domain is a subdomain of another domain, the two domains are considered a tree.

6. Functional Level:
The functionality available in an Active Directory domain or forest depends on its functional level. The functional level is an AD DS setting that enables advanced domain-wide or forest-wide AD DS features. There are three domain functional levels, Windows 2000 native, Windows Server 2003, and Windows Server 2008, and two forest functional levels, Microsoft Windows Server 2003 and Windows Server 2008. As you raise the functional level of a domain or forest, features provided by that version of Windows become available to AD DS.

7. Site:
When you consider the network topology of a distributed enterprise, you will certainly discuss the network’s sites. Sites in Active Directory, however, have a very specific meaning because there is a specific object class called site. An Active Directory site is an object that represents a portion of the enterprise within which network connectivity is good. A site creates a boundary of replication and service usage. Domain controllers within a site replicate changes within seconds. Changes are replicated between sites on a controlled basis with the assumption that intersite connections are slow, expensive, or unreliable compared to the connections within a site. Additionally, clients will prefer to use distributed services provided by servers in their site or in the closest site. For example, when a user logs on to the domain, the Windows client first attempts to authenticate with a domain controller in its site. Only if no domain controller is available in the site will the client attempt to authenticate with a DC in another site. Chapter 11 details the configuration and functionality of Active Directory sites.
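
An added example, not part of the original page: a simplified Python model of the site preference described above, plus a check that flags logons served by a domain controller outside the client's site. The subnet-to-site table, DC names, and link costs are constructed assumptions, and the model is not the Windows DC locator itself.

```python
import ipaddress

# Constructed sample topology (assumptions, not from the page).
SUBNET_SITE = {"10.1.0.0/16": "HQ", "10.2.0.0/16": "Branch", "10.3.0.0/16": "DR"}
DC_SITE = {"dc1": "HQ", "dc2": "HQ", "dc3": "DR"}
# Cost of each intersite connection; lower means closer.
LINK_COST = {
    frozenset(("HQ", "Branch")): 100,
    frozenset(("HQ", "DR")): 200,
    frozenset(("Branch", "DR")): 300,
}


def site_of(ip):
    """Return the site whose most specific subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    nets = [(ipaddress.ip_network(n), s) for n, s in SUBNET_SITE.items()]
    hits = [(net.prefixlen, s) for net, s in nets if addr in net]
    return max(hits)[1] if hits else None


def pick_dc(ip, available):
    """Return (dc, dc_site, in_site) for a client, or None if no DC is up."""
    site = site_of(ip)
    up = {dc: s for dc, s in sorted(DC_SITE.items()) if dc in available}
    if not up:
        return None
    for dc, s in up.items():          # first choice: a DC in the client's site
        if s == site:
            return dc, s, True
    # No DC available in the site: fall back to the closest site that has one.
    def cost(dc):
        return LINK_COST.get(frozenset((site, up[dc])), float("inf"))
    dc = min(up, key=cost)
    return dc, up[dc], False


def out_of_site_logons(records):
    """Filter (client_ip, dc) pairs served by a DC outside the client's site."""
    return [(ip, dc) for ip, dc in records if DC_SITE.get(dc) != site_of(ip)]


if __name__ == "__main__":
    print(pick_dc("10.2.0.9", {"dc1", "dc2", "dc3"}))   # Branch has no DC
    print(out_of_site_logons([("10.1.5.5", "dc1"), ("10.2.0.9", "dc1")]))
```

A steady stream of out-of-site logons from one subnet usually means that site has no reachable domain controller or the subnet is not mapped to the intended site.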