Active Directory Configuration
Chapter 1: Overview of Active Directory Domain Services
Summary
• Active Directory is a database of objects that are used to organize resources according to a logical plan. These objects include containers such as domains and OUs in addition to resources such as users, computers, and printers.
• The Active Directory schema includes definitions of all objects and attributes within a single forest. Each forest maintains its own Active Directory schema.
• Active Directory requires DNS to support SRV records. In addition, Microsoft recommends that DNS support dynamic updates.
• Domain and forest functional levels are new features of Windows Server 2008. The levels defined for each of these are based on the type of server operating systems that are required by the Active Directory design. The Windows Server 2003 forest functional level is the highest functional level available and includes support for all Windows Server 2003 features.
• Two-way transitive trusts are automatically generated within the Active Directory domain structure. Parent and child domains form the trust path by which all domains in the forest can traverse to locate resources. The ISTG is responsible for this process.
• Cross-forest trusts are new to Windows Server 2003, and they are only available when the forest functionality is set to Windows Server 2003. They must be manually crested and maintained.
Chapter 2: Implementing Active Directory
Summary
• Active Directory requires DNS to be installed. DNS does not have to be installed on a Windows Server 2008 machine, but the version of DNS used does need to support SRV records for Active Directory to function.
• Planning the forest and domain structure should include a checklist that can be referenced for dialog information required by the Active Directory Installation Wizard
• Verification of a solid Active Directory installation includes verifying DNS zones and the creation of SRV records. Additional items, such as reverse lookups, aging, and scavenging also should be configured.
• Application directory partitions are automatically created when Active Directory integrated zones are configured in DNS. These partitions allow replica placement within the forest structure.
• System classes of the schema cannot be modified, but additional classes can be added. Classes and attributes cannot be deleted, but they can be deactivated.
• Planning forest and domain functionality is dependent on the need for down-level operating system compatibility. Raising a forest or domain functional level is a procedure that cannot be reversed.
• Four types of manual trusts can be created
You May Also Find These Documents Helpful
-
Active Directory is a multimaster database which means that updates can be made by any writeable DC. Some sensitive operations need to be controlled more stringently than others, such as schema management and adding or removing additional domains from an AD forest. These specified roles are called Flexible Single Master Operations (FSMO). This means only one DC in the replica ring can provide a particular operation.…
- 414 Words
- 2 Pages
Satisfactory Essays -
Wiley, J. (2012). Windows Server 2008 Active Directory Configuration. Hoboken: John Wiley and Sons, Inc.…
- 1426 Words
- 4 Pages
Better Essays -
1. Active directory is controlled from an Active Directory server. The server is accessed by an administrator and then the changes that are made on the AD infrastructure is replicated to all workstations and users that login. AD exists in one location and replicated or issues out the permissions, rules, and roles out to the objects it is managing.…
- 257 Words
- 1 Page
Satisfactory Essays -
Thank you for contacting me regarding your questions, and trust that I will do my best to help you. From what I understand, you work at two branch offices, and have been given the responsibility of discovering where to place an Active-Directory Integrated DNS server. You also have some question of what type DNS server would best meet your company’s needs.…
- 286 Words
- 2 Pages
Satisfactory Essays -
similar to Microsoft Server 's Active Directory. NDS defines the roles of different components in…
- 1042 Words
- 5 Pages
Better Essays -
8. Computers that belong to the same domain can access a common security database of user and computer account information. That type of database on Windows 2003 domain controller servers is also known as a _____ database?…
- 1510 Words
- 7 Pages
Powerful Essays -
Background zone loading is a feature of Windows Server 2008. In this feature, a DNS server on Windows Server 2008 loads zone data from AD DS in the background while the server restarts so that it can respond to the queries from other zones. Because the zone loading is performed by separate threads, the DNS server can reply queries during the zone loading process. This feature is helpful when restarting a DNS server takes a long time due to loading of large zone data and the DNS server is effectively unavailable to service client…
- 466 Words
- 2 Pages
Satisfactory Essays -
Active Directory - A Windows server directory database and service that is used in managing a domain to allow for a single point of administration for all shared resources on a network, including files, peripheral devices, databases, Web sites, users, and services.…
- 986 Words
- 4 Pages
Good Essays -
Centralization sums up my primary reason for implementing Active Directory. The Active Directory structure makes it possible for you to achieve truly centralized management of users, regardless of how big your client’s network has become. If you've worked with Windows NT before, you know that in Windows NT a domain is a completely independent entity. While it's possible to create a trust relationship between domains that exist on a common network, the domains are never truly integrated with each other because there is no higher authority that manages the domains.…
- 1088 Words
- 3 Pages
Powerful Essays -
1) Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data.…
- 518 Words
- 2 Pages
Good Essays -
5. When you configure IPv6 in Windows Server 2008, use of Dynamic "DNS" is supported.…
- 678 Words
- 3 Pages
Good Essays -
In this lab, you used the Microsoft® Active Directory Users and Computers utility to create and manage…
- 271 Words
- 3 Pages
Satisfactory Essays -
An available Active Directory forest running a domain functional level of at least Windows 2000 Server native. The Schema Master role must be running Windows Server 2003 Service Pack 1 (SP1). As already required by the presence of Active Directory you need to have Domain Name Service (DNS) installed and configured properly.…
- 921 Words
- 4 Pages
Better Essays -
A Windows domain model is an organized collaboration of Windows servers whose database contain user information, organizational, functional, and security policies amongst other things. By the nature of the class, the use of Windows Server 2008 R2 is established. Depending on the business and hierarchical topology of the organization that is served by the model, it can be a single domain or made up of multiple domains. If there are multiple domains, they could be organized into a tree or trees that make up a forest or forests.…
- 482 Words
- 2 Pages
Satisfactory Essays -
Type network.dns.disableIPv6 in the filter search bar and set this option to true by double clicking on it.…
- 960 Words
- 4 Pages
Good Essays