SlideShare a Scribd company logo

Introduction to active_directory

C
Couploa Couploa

The document provides an overview of Active Directory, including what it is and is not, the tools used to manage it, authentication and authorization concepts, management concepts like organizational units and group policy, and additional Microsoft services that integrate with Active Directory like Windows Server Update Services and Distributed File System. The presentation covers the basics of Active Directory, its core functions of authentication, authorization, and centralized management, and how it is based on LDAP to store directory information that can be accessed remotely.

Technology
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Introduction to Active Directory December 10th, 2008 1-3pm Daniels 407
What we are going to cover... ● The basics of Active Directory ● What AD is ● What AD isn't ● Tools ● Management Concepts ● Additional Services ● Q & A
Active Directory is... A directory service that provides the ability for centralized: ● Authentication ● Authorization ● Management   Active Directory is based on LDAP.  LDAP is an industry standard method to access information from a remote database.  LDAP does not define what sorts of info are stored or how it should be stored, only how to access it. Any type of data can be stored in a properly constructed LDAP service. In fact, Active Directory Application Mode is just a stand-alone LDAP server. Active directory stores copies of it's data on several Domain Controllers (DC's).  If one fails, services are still available.
Tools Remote Server Administration Toolkit (RSAT)  includes: ● Active Directory Users and Computers (ADUC) ● Group Policy Management Console (GPMC) ● Group Policy Editor  ● DFS Management Console ● Print Managment Console Domain-wide Administration: ● Active Directory Sites and Services ● Active Directory Domains and Trusts
AD Objects Organizational Units  Users Computers Groups Links (publishing): ● Shares ● Print Shares
What AD isn't ● A 100% solution ● A desktop environment ● Microsoft only  ● The same as Novell ● 100% Automatable ● A true identity management system ● Perfect   
Authentication Native: ● Kerberos (Version 5) ● NTLMv2 ● LDAP ● Smart Cards/Certificates   Extendable to include:  ● Biometrics Client machines authenticate as well, not just user accounts Supports dual factor authentication Mac, Linux clients can auth against AD
Trusts Trusts don't imply any sort of authorization or rights assignment.  If Domain "A" trusts Domain "B" all it implies is that accounts from "B" can be used in "A"  No rights assignments of any kind are made automatically.   This makes it possible to access resources in multiple domains using a single account.    Trusts: ● Intra-Forest  ● Inter-Forest ● Cross Realm
Authorization Delegation Wizard   Types of Permissions: ● Directory ○ GPO's ○ Manage Groups  ● Machine ○ Local/Remote Login ○ User vs. Admin ○ Group Policy allows setting any local permission   Groups are key to any good permissions model *AD supports Nested Groups*
Management Concepts ● Domain Structure ○ OU structure ○ User/Computer Locations ○ Grouping Strategy ● Group Policy ○ Linking ○ Filtering ■ Groups ■ WMI Filters ○ Starter GPO's ○ Copying GPO's ○ Group Policy Modelling 
Policies vs. Preferences ● Policies: ○ Policies usually cannot be changed by end user  ○ Configuring IE ○ Deploying Software ○ Configuring Desktop Experience  ● Preferences: ○ End user override  optional per setting ○ Pushing Files/Reg Keys/Shortcuts ○ Item-Level Targeting   Both have User and Computer Settings Loopback - Process User settings using Computer location 
Group Policy Examples ● Remote Assistance - Policy ● Remote Administration - Policy ● Configure Wireless - Policy ● Configure Firewall  - Policy ● Deploy Printers - Policy or GPP ● Deploy Startup/Shutdown/Logon/Logoff Scripts - Policy or GPP ● Deploy Software (.msi's) - Policy ● Deploy Scheduled Tasks - GPP ● Mapped Drives - GPP ● Power Settings - GPP
Windows Server Update Services (WSUS) Unified Patch Management for MS Products - FREE ● Apply patches based on grouping ○ Server side groups  ○ *Client Side Targeting via Group Policy* ● Types of Patches: ○ Service Packs/Security Patches/Bugfixes ○ Drivers ○ Defender definitions  ○ Office Patches/Service Packs ○ Add-ons: Windows Media, Silverlight, GPP, etc. ○ Server Products: SQL, IIS  ● Ability to back out patches per group of machines (not always supported by the patches) 
Distributed File System (DFS) DFS is a Network File System Core CAL Required  ● Roots (Namespaces) ○ Delegation  ● Folders ○ Create Arbitrary structure ● Targets ○ Where the files are  ● Multi-Master Replication    
Windows Distribution Services (WDS) Replaces Remote Installation Services (RIS)  Core CAL Required   ● Imaging  for XP/Vista/2K3 Server/2K8 Server ● Uses PXE for medialess install ● Uses WinPE (think Vista on a CD) as install environment ● Can have a library of drivers ● GUI tools for setting up: ○ Post-install scripts ○ Joining a domain
Additional Services Core CAL Required (NCSU has a Site License!):  Certificate Services - PKI File Services (Clustering, iSCSI) Print Services IIS / Webdav Sharepoint Services 3.0   Additional stuff we don't use: DNS/DHCP    Additional CAL Required: Terminal Services  
Questions?

More Related Content

PDF
SQL Queries on Smalltalk Objects
ESUG
 
PDF
EDF2012 Simon Riggs - Open Data, Open Database: PostgreSQL
European Data Forum
 
PDF
Sync IT Presentation 3.16
Marcus Grimaldo
 
PPTX
Netezza online training at GoLogica
GoLogica Technologies
 
PPT
Active directoryfinal
Rafał Kucharski
 
PDF
SQLDay2013_DennyCherry_GettingSQLServiceBrokerUp&Running
Polish SQL Server User Group
 
PPTX
Heterogeneous databases
ravikamma26
 
PPTX
Data driven pages in a word press site - Srikanth Meenakshi
Rajan Vijayan
 
SQL Queries on Smalltalk Objects
ESUG
 
EDF2012 Simon Riggs - Open Data, Open Database: PostgreSQL
European Data Forum
 
Sync IT Presentation 3.16
Marcus Grimaldo
 
Netezza online training at GoLogica
GoLogica Technologies
 
Active directoryfinal
Rafał Kucharski
 
SQLDay2013_DennyCherry_GettingSQLServiceBrokerUp&Running
Polish SQL Server User Group
 
Heterogeneous databases
ravikamma26
 
Data driven pages in a word press site - Srikanth Meenakshi
Rajan Vijayan
 

What's hot (12)

PDF
Presentation on GNM-DMS
Ioannis Alexakis
 
PPTX
Slidy widgets
CC Expertise
 
PDF
BigData in IoT #iotconfua
Andy Shutka
 
PPTX
Globus Connect Server v5 Q&A Briefing
Globus
 
PPT
Database introduction
Harry Potter
 
PPT
IWMW 1997: Web tools
IWMW
 
PPTX
Big data and polyglot solutions
Kumaran Ramanujam
 
PDF
Introduction to the Globus SaaS (GlobusWorld Tour - STFC)
Globus
 
PPTX
Dbx converter1
samuelsarah
 
PDF
Caltech DIBS: Digital Borrowing System
Mike Hucka
 
PPTX
Introduction to GXC-CMS
Tuan Nguyen
 
PDF
Backup aaS Solution Architecture
Olaf Reitmaier Veracierta
 
Presentation on GNM-DMS
Ioannis Alexakis
 
Slidy widgets
CC Expertise
 
BigData in IoT #iotconfua
Andy Shutka
 
Globus Connect Server v5 Q&A Briefing
Globus
 
Database introduction
Harry Potter
 
IWMW 1997: Web tools
IWMW
 
Big data and polyglot solutions
Kumaran Ramanujam
 
Introduction to the Globus SaaS (GlobusWorld Tour - STFC)
Globus
 
Dbx converter1
samuelsarah
 
Caltech DIBS: Digital Borrowing System
Mike Hucka
 
Introduction to GXC-CMS
Tuan Nguyen
 
Backup aaS Solution Architecture
Olaf Reitmaier Veracierta
 
Ad

Similar to Introduction to active_directory (20)

PPT
A brief Introduction_of_Active_Directory
navneetyohaya
 
PPT
Introduction_to_Active_Directory and Windows Server
navneetyohaya
 
PDF
Integrating Linux Systems with Active Directory Using Open Source Tools
All Things Open
 
PPTX
Host Management active directory and domain services in windows server.pptx
abrhamisaac91
 
PDF
Webinar slides: Free Monitoring (on Steroids) for MySQL, MariaDB, PostgreSQL ...
Severalnines
 
PPTX
Chapter Two.pptx
ssuser8347a1
 
PDF
Enterprise Cloud Security
MongoDB
 
PDF
Final domain control policy
BhagyashriJadhav16
 
PDF
Server 2008 r2 ppt
Raj Solanki
 
PPT
Asish verma
Asish Verma
 
PPTX
Automating using Ansible
Alok Patra
 
PDF
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
Worteks
 
PDF
Devoxx Belgium 2017 - easy microservices with JHipster
Julien Dubois
 
PDF
Easy Microservices with JHipster - Devoxx BE 2017
Deepu K Sasidharan
 
PPTX
Scoping for BMC Discovery (ADDM) Deployment by Traversys Limited
Wes Moskal-Fitzpatrick
 
PDF
[Pass the SALT 2021] Hosting Identity in the Cloud with free softwares
Worteks
 
PDF
Scribe insight 04 insight 7.9.0
Scribe Software Corp.
 
PDF
Data Analytics with DBMS
GLC Networks
 
PPTX
Securing Your MongoDB Deployment
MongoDB
 
PPTX
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Bhuvan Gandhi
 
A brief Introduction_of_Active_Directory
navneetyohaya
 
Introduction_to_Active_Directory and Windows Server
navneetyohaya
 
Integrating Linux Systems with Active Directory Using Open Source Tools
All Things Open
 
Host Management active directory and domain services in windows server.pptx
abrhamisaac91
 
Webinar slides: Free Monitoring (on Steroids) for MySQL, MariaDB, PostgreSQL ...
Severalnines
 
Chapter Two.pptx
ssuser8347a1
 
Enterprise Cloud Security
MongoDB
 
Final domain control policy
BhagyashriJadhav16
 
Server 2008 r2 ppt
Raj Solanki
 
Asish verma
Asish Verma
 
Automating using Ansible
Alok Patra
 
[OW2con'21] Hosting Identity in the Cloud with OW2 free softwares
Worteks
 
Devoxx Belgium 2017 - easy microservices with JHipster
Julien Dubois
 
Easy Microservices with JHipster - Devoxx BE 2017
Deepu K Sasidharan
 
Scoping for BMC Discovery (ADDM) Deployment by Traversys Limited
Wes Moskal-Fitzpatrick
 
[Pass the SALT 2021] Hosting Identity in the Cloud with free softwares
Worteks
 
Scribe insight 04 insight 7.9.0
Scribe Software Corp.
 
Data Analytics with DBMS
GLC Networks
 
Securing Your MongoDB Deployment
MongoDB
 
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Bhuvan Gandhi
 
Ad

Recently uploaded (20)

PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
PPTX
A Presentation on Touch Screen Technology
memembruh336
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
Encapsulation theory and applications.pdf
gurumoop
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
project resource management chapter-09.pdf
ssuser00e6e21
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
A Presentation on Touch Screen Technology
memembruh336
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 

Introduction to active_directory

  • 1. Introduction to Active Directory December 10th, 2008 1-3pm Daniels 407
  • 2. What we are going to cover... ● The basics of Active Directory ● What AD is ● What AD isn't ● Tools ● Management Concepts ● Additional Services ● Q & A
  • 3. Active Directory is... A directory service that provides the ability for centralized: ● Authentication ● Authorization ● Management   Active Directory is based on LDAP.  LDAP is an industry standard method to access information from a remote database.  LDAP does not define what sorts of info are stored or how it should be stored, only how to access it. Any type of data can be stored in a properly constructed LDAP service. In fact, Active Directory Application Mode is just a stand-alone LDAP server. Active directory stores copies of it's data on several Domain Controllers (DC's).  If one fails, services are still available.
  • 4. Tools Remote Server Administration Toolkit (RSAT)  includes: ● Active Directory Users and Computers (ADUC) ● Group Policy Management Console (GPMC) ● Group Policy Editor  ● DFS Management Console ● Print Managment Console Domain-wide Administration: ● Active Directory Sites and Services ● Active Directory Domains and Trusts
  • 5. AD Objects Organizational Units  Users Computers Groups Links (publishing): ● Shares ● Print Shares
  • 6. What AD isn't ● A 100% solution ● A desktop environment ● Microsoft only  ● The same as Novell ● 100% Automatable ● A true identity management system ● Perfect   
  • 7. Authentication Native: ● Kerberos (Version 5) ● NTLMv2 ● LDAP ● Smart Cards/Certificates   Extendable to include:  ● Biometrics Client machines authenticate as well, not just user accounts Supports dual factor authentication Mac, Linux clients can auth against AD
  • 8. Trusts Trusts don't imply any sort of authorization or rights assignment.  If Domain "A" trusts Domain "B" all it implies is that accounts from "B" can be used in "A"  No rights assignments of any kind are made automatically.   This makes it possible to access resources in multiple domains using a single account.    Trusts: ● Intra-Forest  ● Inter-Forest ● Cross Realm
  • 9. Authorization Delegation Wizard   Types of Permissions: ● Directory ○ GPO's ○ Manage Groups  ● Machine ○ Local/Remote Login ○ User vs. Admin ○ Group Policy allows setting any local permission   Groups are key to any good permissions model *AD supports Nested Groups*
  • 10. Management Concepts ● Domain Structure ○ OU structure ○ User/Computer Locations ○ Grouping Strategy ● Group Policy ○ Linking ○ Filtering ■ Groups ■ WMI Filters ○ Starter GPO's ○ Copying GPO's ○ Group Policy Modelling 
  • 11. Policies vs. Preferences ● Policies: ○ Policies usually cannot be changed by end user  ○ Configuring IE ○ Deploying Software ○ Configuring Desktop Experience  ● Preferences: ○ End user override  optional per setting ○ Pushing Files/Reg Keys/Shortcuts ○ Item-Level Targeting   Both have User and Computer Settings Loopback - Process User settings using Computer location 
  • 12. Group Policy Examples ● Remote Assistance - Policy ● Remote Administration - Policy ● Configure Wireless - Policy ● Configure Firewall  - Policy ● Deploy Printers - Policy or GPP ● Deploy Startup/Shutdown/Logon/Logoff Scripts - Policy or GPP ● Deploy Software (.msi's) - Policy ● Deploy Scheduled Tasks - GPP ● Mapped Drives - GPP ● Power Settings - GPP
  • 13. Windows Server Update Services (WSUS) Unified Patch Management for MS Products - FREE ● Apply patches based on grouping ○ Server side groups  ○ *Client Side Targeting via Group Policy* ● Types of Patches: ○ Service Packs/Security Patches/Bugfixes ○ Drivers ○ Defender definitions  ○ Office Patches/Service Packs ○ Add-ons: Windows Media, Silverlight, GPP, etc. ○ Server Products: SQL, IIS  ● Ability to back out patches per group of machines (not always supported by the patches) 
  • 14. Distributed File System (DFS) DFS is a Network File System Core CAL Required  ● Roots (Namespaces) ○ Delegation  ● Folders ○ Create Arbitrary structure ● Targets ○ Where the files are  ● Multi-Master Replication    
  • 15. Windows Distribution Services (WDS) Replaces Remote Installation Services (RIS)  Core CAL Required   ● Imaging  for XP/Vista/2K3 Server/2K8 Server ● Uses PXE for medialess install ● Uses WinPE (think Vista on a CD) as install environment ● Can have a library of drivers ● GUI tools for setting up: ○ Post-install scripts ○ Joining a domain
  • 16. Additional Services Core CAL Required (NCSU has a Site License!):  Certificate Services - PKI File Services (Clustering, iSCSI) Print Services IIS / Webdav Sharepoint Services 3.0   Additional stuff we don't use: DNS/DHCP    Additional CAL Required: Terminal Services