Chapter 11: Directory Services
Directory Services
• A directory service is a database that contains information
about all objects on the network.
• Directory services contain data and metadata.
• Metadata is information about data.
For example: A user account is data. Metadata specifies
what information is included in every user account object.
Directory Services
• Information within directories is organized hierarchically.
This means that there is a strict set of rules as to where
certain data is located within the directory based on the
properties of that data.
• Unlike a relational database such as SQL, where information is read and
written often, a directory service is read frequently but rarely written to.
For example: User account data changes very little once it
has been entered.
Early Directory Services
• The first directory service was developed at PARC and was
called Grapevine.
• X.500 was developed as a directory service standard by the
ISO and CCITT.
• Although X.500 was developed as a comprehensive standard,
as with the OSI model, it was not widely deployed on real-world LANs.
• X.500 formed the basis of a standard that is widely deployed
known as LDAP.
• Some X.500 conventions are used in Active Directory and
eDirectory.
LDAP
LDAP stands for Lightweight Directory Access Protocol.
• LDAP is a scaled-down implementation of the X.500 standard.
• Active Directory and eDirectory are based on LDAP.
• Netscape’s Directory Server was the first wide implementation of
LDAP. It was used primarily for enterprise calendaring and contact
management. Netscape’s product was not used for network
management.
• Most LDAP directories use a single master method of replication.
Changes are made to the master databases and then propagated out
to subordinate databases. The disadvantage of this scheme is that it
has a single point of failure.
• Objects within an LDAP directory are referenced using the object’s
DN (Distinguished Name). The DN consists of the RDN (Relative
Distinguished Name) appended with the names of ancestor entries.
LDAP II
RDN of the user object in the figure is cn=ccarpenter.
DN of the user object in the figure is
cn=ccarpenter,ou=mn,o=emcp,c=us.
Novell eDirectory
• eDirectory is a partitioned and loosely replicated directory
service.
• eDirectory can be used to manage multiple operating systems.
• The two primary components of eDirectory are database
partitions and database replicas.
• Partitions are sectioned off according to location. The partition is
hosted on a server local to that location. The primary benefit of
this is that authentication is localized.
Novell eDirectory
Database replicas are copies of partitions. There are several
different types of replicas.
Master replica: First copy of partition.
Read-write replica: Can be used to authenticate and make changes
to objects. Used for redundancy purposes.
Read-only replica: Can be used to locate information, but not to
change objects.
Subordinate reference: Special replica that is created automatically.
Used as a pointer to a target replica.
eDirectory
Object: Description
country: two-letter country code
locality: city or state
organization: top-level container in the tree
organizational unit: container object, used to represent a department
root: top level of the tree
Container objects are used to organize other objects within the
directory.
For example: You might place all of the accountant user objects
within the accountants organizational unit.
In eDirectory, a DN finishes at the organization level. Objects are
separated by periods. An accountant at EMCP with a user account
named dmorgan would have the DN
.cn=dmorgan.ou=accountants.o=emcp.
Active Directory
• Active Directory is an implementation of LDAP that uses
multimaster replication.
• Active Directory runs on Windows Server 2003 and Windows
2000 Server on special computers known as domain controllers.
• Active Directory can be used to manage almost every aspect of a
Windows Server 2003 network.
• Active Directory can also be used as a type of phonebook.
For example, you could query Active Directory to locate all users
located on the 2nd floor of a building. Alternatively, you could
locate all color printers at a particular location.
• Any domain controller can process directory updates.
• Replication uses the RPC protocol for servers on the same LAN
and the SMTP protocol for servers located across WAN links.
Active Directory Components
Domain. All user accounts within a domain share a common
password policy. Different password policies require separate
domains.
Site. Used to represent a single physical location within Active
Directory.
Organizational Unit (OU). Can be used to represent organizational
hierarchy. An OU can contain other OUs.
Group Policy Object (GPO). Collection of policies that can be
applied to domains, sites, and OUs.
Forest. Collection of domains with common schema.
Tree. Collection of domains with common namespace.
GPO and Delegation
• Control of a particular OU can be delegated.
For example: You could allow a certain user to administer all of
the accountant’s user accounts, without allowing them to
administer anyone else’s account.
• GPOs can be applied to sites, domains, and OUs.
• GPOs can be used to install software or to configure user
environment settings.
For example: You could install Microsoft Word at a particular
location by creating a GPO that installs Word and applying it to
that location's site. Alternatively, if you applied that same GPO to
the domain, all users would have Word installed. If you applied that
GPO to an OU instead, only users within that OU would have Word
installed.
Active Directory Naming
• Active Directory naming is similar to LDAP and eDirectory,
though it has a slightly different format.
• A user named Orin Thomas located within the Engineers OU
in the melbourne.emcp.com domain of a Windows Server
2003 network would have the DN:
CN=Orin Thomas,OU=Engineers,DC=Melbourne,DC=EMCP,DC=COM
• DNs are often used in scripts that query information from the
Active Directory database.
• As an administrator you might write a script that queries the
database to determine which users have not logged on to the
network in the last six months.
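The three DN notations on these slides (the LDAP form cn=ccarpenter,ou=mn,o=emcp,c=us, the eDirectory dotted form .cn=dmorgan.ou=accountants.o=emcp, and the Active Directory form with DC= components) can all be split into RDNs with a few lines of code. This is an added example, not code from the slides; the DNs are the slides' own sample values, and the escaped-comma case is constructed to show the LDAP string rule that a comma inside a value is written as backslash-comma.

```python
"""Added example (not from the slides): split the DN notations used on these
slides into their RDNs.  Sample DNs are the slides' own; the escaped-comma
case is constructed to show that a comma inside an LDAP value is written as
backslash followed by comma."""
import re

ESCAPED_COMMA = "\\,"   # the two characters backslash, comma as written in a DN string


def split_ldap_dn(dn: str) -> list[tuple[str, str]]:
    """Split an LDAP-style DN into (attribute, value) RDNs, most specific first.
    Only a comma that is NOT preceded by a backslash separates RDNs."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        rdns.append((attr.strip(), value.strip().replace(ESCAPED_COMMA, ",")))
    return rdns


def split_edir_dn(dn: str) -> list[tuple[str, str]]:
    """Split an eDirectory dotted DN.  A leading period marks an absolute name
    rooted at the tree root, so it is consumed rather than treated as a separator."""
    body = dn[1:] if dn.startswith(".") else dn
    rdns = []
    for part in body.split("."):
        attr, _, value = part.partition("=")
        rdns.append((attr.strip(), value.strip()))
    return rdns


def rdn(rdns: list[tuple[str, str]]) -> str:
    """The object's own RDN is the leftmost component."""
    attr, value = rdns[0]
    return f"{attr}={value}"


def parent_dn(rdns: list[tuple[str, str]]) -> str:
    """Drop the RDN; what remains is the DN of the container holding the object.
    Commas inside values are re-escaped so the result is a valid DN string."""
    return ",".join(f"{a}={v.replace(',', ESCAPED_COMMA)}" for a, v in rdns[1:])


def ad_domain(rdns: list[tuple[str, str]]) -> str:
    """Active Directory spells the DNS domain as a chain of DC= components;
    joining their values with dots recovers the domain name."""
    return ".".join(v.lower() for a, v in rdns if a.upper() == "DC")


if __name__ == "__main__":
    ldap = split_ldap_dn("cn=ccarpenter,ou=mn,o=emcp,c=us")
    print(rdn(ldap), "lives in", parent_dn(ldap))
    print(split_edir_dn(".cn=dmorgan.ou=accountants.o=emcp"))
    print(ad_domain(split_ldap_dn("CN=Orin Thomas,OU=Engineers,DC=Melbourne,DC=EMCP,DC=COM")))
```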
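The "who has not logged on in six months" script mentioned above comes down to one LDAP filter plus a date conversion, because Active Directory stores lastLogonTimestamp as a Windows FILETIME rather than a calendar date. The following is an added example, not the slides' own code: lastLogonTimestamp, userAccountControl and the bitwise-AND matching-rule OID are real Active Directory names, while the sample entries and the frozen clock NOW are constructed so the code runs offline.

```python
"""Added example (not from the slides): the "who has not logged on in six
months" query an administrator might script against Active Directory.
lastLogonTimestamp, userAccountControl and the bitwise-AND rule OID are real
AD names; the entries in SAMPLE_USERS and the frozen clock NOW are constructed."""
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
TICKS_PER_SECOND = 10_000_000   # FILETIME counts 100-nanosecond intervals
ACCOUNTDISABLE = 0x2            # userAccountControl flag bit
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # frozen clock so results are reproducible

def to_filetime(when: datetime) -> int:
    """AD stores lastLogonTimestamp as 100 ns ticks since 1601-01-01 UTC; integer
    arithmetic keeps the 17-digit result exact."""
    d = when - FILETIME_EPOCH
    return (d.days * 86400 + d.seconds) * TICKS_PER_SECOND + d.microseconds * 10

def from_filetime(ticks: int) -> datetime:
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)

def cutoff(now: datetime, months: int = 6) -> datetime:
    """Six months approximated as 30-day months; adjust to local policy."""
    return now - timedelta(days=30 * months)

def stale_user_filter(now: datetime, months: int = 6) -> str:
    """Filter for enabled users whose last logon is at or before the cutoff, or who
    have never logged on (no lastLogonTimestamp at all). Disabled accounts are
    excluded with the LDAP_MATCHING_RULE_BIT_AND OID so only live accounts appear."""
    ticks = to_filetime(cutoff(now, months))
    return ("(&(objectCategory=person)(objectClass=user)"
            f"(!(userAccountControl:1.2.840.113556.1.4.803:={ACCOUNTDISABLE}))"
            f"(|(lastLogonTimestamp<={ticks})(!(lastLogonTimestamp=*))))")

def is_stale(entry: dict, now: datetime, months: int = 6) -> bool:
    """Same logic as the filter, applied to one entry held locally. Caveat:
    lastLogonTimestamp is only rewritten when it is more than about 14 days old,
    so the answer is accurate to roughly two weeks, not to the day."""
    if entry.get("userAccountControl", 0) & ACCOUNTDISABLE:
        return False
    last = entry.get("lastLogonTimestamp")
    return last is None or from_filetime(last) <= cutoff(now, months)

def stale_dns(entries: list, now: datetime = NOW, months: int = 6) -> list:
    return [e["dn"] for e in entries if is_stale(e, now, months)]

# Constructed entries shaped like the attributes an LDAP search returns.
def _user(cn, uac, last=None):
    e = {"dn": f"CN={cn},OU=Engineers,DC=Melbourne,DC=EMCP,DC=COM", "userAccountControl": uac}
    if last:
        e["lastLogonTimestamp"] = to_filetime(datetime(*last, tzinfo=timezone.utc))
    return e

SAMPLE_USERS = [
    _user("Orin Thomas", 0x200, (2024, 5, 20)),    # active
    _user("Old Contractor", 0x200, (2023, 10, 1)), # stale
    _user("Never Used", 0x200),                    # enabled, never logged on
    _user("Left Company", 0x202, (2023, 1, 1)),    # disabled: excluded
]
```

Running stale_dns(SAMPLE_USERS) lists the contractor and the never-used account but not the disabled one; the filter string from stale_user_filter(NOW) is what the same check looks like when handed to a directory search.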
Summary
• A directory service is a database that contains information about
all objects on the network.
• LDAP is a scaled-down implementation of the X.500 standard.
• eDirectory is a partitioned and loosely replicated directory service.
• eDirectory partitions are sectioned off according to location.
• eDirectory database replicas are copies of partitions.
• Active Directory uses multimaster replication.
• Active Directory can be used to manage almost every aspect of a
Windows Server 2003 network and as a type of phonebook.
Discussion Questions
• What is the difference between an Active Directory site and
domain?
• What is the difference between an eDirectory partition and
replica?
• Discuss why you would apply one GPO to a domain and
another GPO to an OU.
• Which directory service can be used to manage multiple
operating systems?
• What weakness exists in the LDAP replication method?
Directory services by SAJID