Active Directory Fundamentals
What Will We Cover?
Active Directory concepts Domains, trees, forests Domain controllers, sites Domain Naming Service Replication Operations masters
�Helpful Experience
Experience with the Windows user interface Experience supporting Microsoft networks
Level 200
�Agenda
Logical Concepts of Active Directory Physical Concepts of Active Directory DNS in 10 Minutes Overview of Active Directory Replication The role played by Operations Masters
�What Is a Directory Service?
A service that helps track and locate objects on a network
Active Directory Management
�What Is a Directory Service?
A service that helps track and locate objects on a network
Active Directory Management
Workstations Services Files Users
�Active Directory Domains
CONTOSO.COM
�Active Directory Domains
Boundary of Authentication
CONTOSO.COM
�Active Directory Domains
Boundary of Authentication
Boundary of Policies
CONTOSO.COM
�Active Directory Domains
Boundary of Authentication
Boundary of Policies
CONTOSO.COM
Boundary of Replication
�Active Directory Trees
CONTOSO.COM
US.CONTOSO.COM
OHIO.US.CONTOSO.COM
�Active Directory Trees
Shared Schema CONTOSO.COM Configuration US.CONTOSO.COM
OHIO.US.CONTOSO.COM
Global Catalog
�Transitive Trusts
CONTOSO.COM
UK.CONTOSO.COM US.CONTOSO.COM
�Transitive Trusts
CONTOSO.COM
UK.CONTOSO.COM US.CONTOSO.COM
�Active Directory Forests
CONTOSO.COM FABRIKAM.COM
US.CONTOSO.COM
UK.FABRIKAM.COM
Schema
Configuration
Global Catalog
�Demo
demonstration
Reviewing Domains and Trusts
�Organizational Units
CONTOSO.COM
�Organizational Units
Organized For:
Administration
Same Requirements Same Requirements Delegation Delegation
OU Admin
CONTOSO.COM
�Organizational Units
Organized For:
Administration
Same Requirements Same Requirements Delegation Delegation
Group Policy
Configuration Configuration
OU Admin
CONTOSO.COM
OU Policy
�Organizational Units
Organized For:
Administration
Same Requirements Same Requirements Delegation Delegation
Group Policy OU Admin
Configuration Configuration Security Security
OU Security
CONTOSO.COM
OU Policy
�Organizational Unit Applications
Sales Department
Marketing Department
�Organizational Unit Applications
London
New York
�Organizational Unit Applications
Desktops
Printers
�Organizational Unit Applications
Desktops
Printers
Hardware Devices
�Demo
demonstration
Using Organizational Units
Review Organizational Units Create New Organizational Units
�Agenda
Logical Concepts of Active Directory Physical Concepts of Active Directory DNS in 10 Minutes Overview of Active Directory Replication The role played by Operations Masters
�Domain Controllers
PDC
BDC BDC Windows NT 4.0
�Domain Controllers
PDC DC
BDC BDC Windows NT 4.0
DC DC Windows Server 2003
�Active Directory Sites
Site A
WAN Link
Site B
�Active Directory Sites
Site A
WAN Link
Sites Used To:
Locate Services Site B
�Active Directory Sites
Site A
WAN Link
Sites Used To:
Locate Services Optimize Replication Site B
�Active Directory Sites
Site A
WAN Link
Sites Used To:
Locate Services Optimize Replication Define Policies Site B
�Sites and Domains
Site A
Site B
�Sites and Domains
US.CONTOSO.COM Site A
CONTOSO.COM
Site B
�Global Catalog
Spans all domains Contains object attributes Used for searches Exists on domain controllers
�Demo
demonstration
Using Sites and Global Catalogs
Create a Site Review Global Catalog Settings Choose Global Catalog Attributes
�Agenda
Logical Concepts of Active Directory Physical Concepts of Active Directory DNS in 10 Minutes Overview of Active Directory Replication The role played by Operations Masters
�DNS
Domain Naming System locates network services and resources.
DNS Request Process
Requested Service Site Information DNS Server DC
�DNS
Domain Naming System locates network services and resources.
DNS Request Process
Requested Service Site Information DNS Server DC Cache
IP Addresses SVR Records
�DNS
Domain Naming System locates network services and resources.
DNS Request Process
Requested Service Site Information DNS Server DC Cache
IP Addresses SVR Records
�DNS Systems and Requirements
BIND 8.1.2 Windows NT Windows 2000 Windows Server 2003
Dynamic Update* AD Integration Secure Update SRV Records*
* Required for Active Directory
�DNS Migration
Upgrade to BIND 9.x Upgrade to Microsoft DNS Delegate to Microsoft DNS
�Demo
demonstration
Working with DNS
Review DNS Zones Review Host Records and Dynamic Update
�Agenda
Logical Concepts of Active Directory Physical Concepts of Active Directory DNS in 10 Minutes Overview of Active Directory Replication The role played by Operations Masters
�Replication Scope
Across Forest:
Schema NC
�Replication Scope
Across Forest:
Schema NC Configuration NC
�Replication Scope
Across Domain
Domain NC
Across Forest:
Schema NC Configuration NC
�More Replication Scope
Intrasite (Token Ring)
�More Replication Scope
Intersite (Compressed)
Intrasite (Token Ring)
�Demo
demonstration
Working with Replication
Enable Replication Review Replication
�Agenda
Logical Concepts of Active Directory Physical Concepts of Active Directory DNS in 10 Minutes Overview of Active Directory Replication The role played by Operations Masters
�Operations Masters
Performs operation exclusively Within designated scope Defaults to first domain controller
�Operations Master Roles
Forest Roles
Schema Master
Domain Master
�Operations Master Roles
Forest Roles
Schema Master
Domain Roles
PDC Emulator RID Master
Domain Master
Infrastructure
�Session Summary
Manage and control your network resources more easily with OUs. Upgrade to the free Microsoft DNS package for enhanced integration. Active Directory replication protects data and optimizes network traffic.
�For More Information
Visit TechNet at
www.microsoft.com/technet
Visit the following URL for additional information
www.microsoft.com/technet/ADD-01
or
technet.microsoft.com/ADD-01
�Microsoft Press Publications
For the latest titles, visit
www.microsoft.com/learning/books/itpro/
�Non-Microsoft Publications
These books can be purchased at all major bookstores and online retailers.
�Training Resources
Course ID Title
2199 2282
Jumpstart: Active Directory Fundamentals Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure
For training information and availability
www.microsoft.com/learning
�Readiness with Skills Assessment
Self-study learning tool free to anyone Determines skills gaps Provides learning plans Post your score; see how you stack up
Visit www.microsoft.com/assessment
�Become a Microsoft Certified Professional
What are MCP certifications?
Validation in performing critical IT functions
Why certify?
Worldwide recognition of skills gained through experience More effective deployments with reduced costs for your organizations
What certifications are there for IT pros?
MCP, MCSE, MCSA, MCDST, MCDBA
www.microsoft.com/learning/mcp
�Heard the News about TechNet?
Software without time limits Complimentary technical support The most current resources on hand
www.microsoft.com/technet/subscriptions
�Find all these support options at www.microsoft.com/technet/support
Microsoft offers a progressive series of support options starting with no-charge online support and developing through subscription, incident, and contract support. 1. No-Charge Online Support
Knowledge Base
Search a vast database of articles to pinpoint the information you need.
2. Subscription-Based Support
TechNet Subscription
Subscribe to TechNet for a personal library of articles, service packs, how-tos, resource kits, tools, utilities, and more. Your subscription includes monthly updates delivered on CD or DVD, so you always have the latest information, straight from the source. Upgrade to a TechNet Plus subscription and add all this: 1. Full-version evaluation software, including Microsoft Office System and Windows Server System products, without time restrictions. 2. Free support two complimentary incidents, plus a discount on other support calls. 3. Unlimited, next-business-day access to reliable answers from the IT community and Microsoft Support Professionals through Managed Newsgroups (English only).
3. Assisted Incident Support
E-mail Support
Get online incident help via e-mail from a Microsoft Support Professional.
4. Contract-Based Support
Premier Support
Newsgroups
Access over 20,000 active newsgroups on scores of topics.
Phone Support
Get incident help over the phone from a Microsoft Support Professional.
Product Support Centers
Get answers to frequently asked questions, plus how-to articles and stepby-step instructions organized by product.
Phone Support Contract
Save with a discounted 5-Pack Phone Support contract.
Advisory Services
Add remotely delivered consultation options from Microsoft Advisory Services for proactive support that goes far beyond routine product maintenance.
Get the flexibility to match support options to your organization and enjoy direct access to Microsoft technical experts at any time, day or night. Premier Support delivers customized options for businesses with complex needs, including dedicated technical professionals to oversee your support, 24x7 problem resolution, and training and workshops that keep your IT staff up to date.
DLL Help Database
Search here to identify the software used to install a specific DLL version.
Essential Support
Essential Support offers prepackaged options specifically designed to meet the fundamental support requirements of any business, large or small. Includes account management, problem resolution, and information services.
Events and Errors Message Center
Resolve event and error messages fast with explanations, recommendations, and links to support and resources.
Support Webcasts
Tune in to live technical presentations by Microsoft experts and take part in realtime Q&A.
Chats
Chat online with Microsoft specialists or search the transcript archives.
User Group Program
Access information and support for IT and other interest-specific user groups.
TechNet Security Resource Center
Get ahead of security risks with resources that keep you current, including security newsletters and the Microsoft notification service.
�Where Else Can I Get Help?
Free chats and webcasts List of newsgroups Microsoft community sites Community events and columns
www.microsoft.com/technet/community
