
Module 1: An Overview of Windows 2000 Directory Services


hoang

Presentation Transcript


  1. Module 1: An Overview of Windows 2000 Directory Services

  2. Overview
     • What Is a Directory Service?
     • What Is Active Directory?
     • How Does Active Directory Work?
     • Where Does Active Directory Fit into Windows NT 5.0 Architecture?

  3. What Is a Directory Service?
     • Definition
     • Basic Features
        • Information source
        • Administration
        • Common set of rules
        • Search method

  4. What Is Active Directory?
     Basic features and their Active Directory counterparts:
     • Information Source: Extensible Directory
     • Administration: Single Point of Access
     • Common Set of Rules: Common Definitions
     • Search Method: Leverages Internet Naming Standard and Existing Protocols
     [Diagram labels: Objects, Global Catalog]

  5. Basic Active Directory Features
     [Diagram labels: Extensible; Partitions A, B, C; Single Point of Access; Domain Name System (DNS); LDAP; tailspintoys.msft; Schema; Definitions]

  6. What Are Windows 2000 Directory Services
     • From Windows 2000 web site

  7. What Active Directory Can Do
     • From Windows 2000 web site
     • Scalability without complexity – Active Directory scales to millions of objects per partition and uses indexing technology and advanced replication techniques to speed performance
     • Built around Internet standards – Active Directory provides access to all features through LDAP and uses a DNS-based name space
     • Flexible, simple security model – Active Directory supports multiple authentication protocols such as Kerberos, X.509 certificates and Smart Cards, and provides a consistent and highly scalable way to manage access control privileges based on security groups
     • Facilitates directory consolidation – Active Directory provides synchronization support through LDAP-based interfaces and scales to accommodate application-specific directory consolidation requirements
     • Provides a comprehensive feature set and development environment – Active Directory and Windows 2000 provide a comprehensive and compelling platform on which to develop and deploy Active Directory-enabled applications

  8. Full Active Directory Capabilities
     • Basic Features
        • Extensible Directory as Information Source
        • Single Point of Access for Administration
        • Common Definitions - Schema
        • Internet Naming Standard for Searching - DNS
     [Diagram labels: Active Directory; Interoperability (UNIX, NDS, Lotus Notes); Fault Tolerance; Enhanced Queries; Security Controls]
     Slide comment, Moose: I used the text graphic and then went with the graphics that you had placed there and put labels to them. Let me know...

  9. How Does Active Directory Work?
     • Active Directory Namespace and Name Resolution
     • Active Directory Name Types
     • Logical Structure Elements
     • Logical Structure Organization
     • Logical Structure Relationships
     • Physical Structure Components
     • Physical Structure Operations
     • Active Directory Security Features

  10. Active Directory Naming Standards
     • Active Directory Naming
     • Namespace
     • Name resolution
     [Diagram labels: DNS, LDAP, Active Directory]

  11. Active Directory Name Types and Conventions
     • Active Directory Name Types:
        • Distinguished Name
        • Relative Distinguished Name
        • User Principal Name
     • Active Directory Naming Conventions:
        • Domain Name System
        • Lightweight Directory Access Protocol

  12. Logical Structure Elements
     [Diagram labels: Schema (Classes, Attributes); Objects (Computers, Users, Groups, Files, Printers, Applications, Security Policies)]
     Slide comment, Kate Norton: Schema - rules about all objects in the forest. Need better graphic.
     Slide comment, Moose: Just tried this out - not sure whether you wanted a permanent new schema graphic or one that works with this slide in a particular way.

  13. Logical Structure Organization
     [Diagram labels: Domain; OU (repeated); Domain Controller; Schema; Objects]
     Slide comment, Kate Norton: I tried to show this server as separate from logical section by giving it a different background.
     Slide comment, Kate Norton: I tried to dim the previously discussed topics to emphasize domains and organizational units (OUs). I’m sure this can be improved.

  14. Logical Structure Relationships
     [Diagram labels: Forest; Tree (repeated); Domain (repeated); OU (repeated); Global Catalog; Schema; Objects]

  15. Physical Structure Components
     [Diagram labels: Site (repeated); Domain Controller (repeated); Site Topology]

  16. Physical Structure Operations
     [Diagram labels: Forest; Global Catalog; Domain Controller 1 through Domain Controller 5; Partitions; Replication (repeated)]

  17. Active Directory Security Features
     • Access Control List
     • Delegation
     • Inheritance
     • Trust Relationships

  18. Where Does Active Directory Fit into Windows NT 5.0 Architecture?
     • Active Directory in Windows NT 5.0 Architecture
     • Windows NT 5.0 Security Subsystem and the Local Security Authority
     • Directory Service Module
     • Active Directory Internal Logical Architecture

  19. Active Directory in Windows NT 5.0 Architecture
     [Diagram labels, User Mode: Active Directory; POSIX Application; Win32 Application; OS/2 Application; POSIX Subsystem; Win32 Subsystem; OS/2 Subsystem; Security Subsystem]
     [Diagram labels, Kernel Mode: Executive Services; I/O Manager; Security Reference Monitor; IPC Manager; Memory Manager; Process Manager; Plug & Play Manager; Power Manager; Window Manager; File Systems; Graphics Device Drivers; Object Manager; Device Drivers; Micro-Kernel; Hardware Abstraction Layer (HAL); Executive]
     [Diagram label: Hardware]

  20. Windows NT 5.0 Security Subsystem and the Local Security Authority
     Local Security Authority (Lsass.exe) in the Security Subsystem:
     • NTLM: Msv1_0.dll
     • SSL: Schannel.dll
     • Kerberos: Kerberos.dll
     • Secur32.dll
     • Net Logon Service: Netlogon.dll
     • LSA Server Service: Lsasrv.dll
     • Security Accounts Manager: Samsrv.dll
     • Directory Service: Ntdsa.dll
     [Diagram labels: RPC (repeated); LDAP; Registry; Subset of Replicated Data]

  21. Directory Service Module
     [Diagram labels, clients and transports: LDAP/ADSI and Outlook Clients; Replication Transports (RPC, SMTP, IP); Windows NT4.0 NET APIs; Windows NT4.0 BDC Replication; Exchange Mgmt Tools; Outlook Clients]
     [Diagram labels, interfaces: LDAP; REPL; NSPI; XDS; SAM]
     [Diagram labels, layers: Directory System Agent (DSA); Database Layer; Extensible Storage Engine (ESE); NTFS]

  22. Active Directory Internal Logical Architecture
     [Diagram labels: rootDSE; Configuration Container; Schema; Sites; Partitions; Services]

  23. Review
     • What Is a Directory Service?
     • What Is Active Directory?
     • How Does Active Directory Work?
     • Where Does Active Directory Fit into Windows NT 5.0 Architecture?
