1 / 24

Understanding Active Directory

Understanding Active Directory. Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning , Microsoft. Active Directory Lightweight Directory Services (AD LDS). Module Overview. AD LDS Overview Implementing and Administering AD LDS Implementing AD LDS Replication

hong
Download Presentation

Understanding Active Directory

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Understanding Active Directory Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning , Microsoft

  2. Active Directory Lightweight Directory Services (AD LDS)

  3. Module Overview • AD LDS Overview • Implementing and Administering AD LDS • Implementing AD LDS Replication • Comparing AD DS and AD LDS

  4. Lesson 1: AD LDS Overview • How AD LDS Works • AD LDS Administration Tools • What Is the AD LDS Schema? • Demonstration: Installing AD LDS

  5. How AD LDS Works AD LDS is a hierarchical file-based directory store Uses the Extensible Storage Engine (ESE) for file storage ESE AD LDS can be accessed via LDAP • The store is organized into three partitions types: • Configuration • Schema • Application

  6. AD LDS Administration Tools

  7. Directory objects based on the automobile object class Directory objects based on the user object class What Is the AD LDS Schema? AD LDS Schema defines the types of objects and data that can be created and stored in an AD LDS instance using object classes and attributes Schema Partition Application Partition Definition for an automobile object class Definition for a user object class

  8. Demonstration: Installing AD LDS • In this demonstration, you will see how to install Active Directory Lightweight Directory Services

  9. Lesson 2: Implementing and Administering AD LDS • What Is an AD LDS Instance? • What Is an AD LDS Application Partition? • Demonstration: Configuring AD LDS Instances and Application Partitions • AD LDS Users and Groups • How Does Access Control Work in AD LDS?

  10. What Is an AD LDS Instance? An AD LDS Instance is a running copy of AD LDS service that contains is own communication interface and directory store A Single AD LDS Instance Interfaces (LDAP, replication) Directory Service Client Directory Data Store (Adamntds.nit) The directory store has its own copy of the three partitions

  11. What Is an AD LDS Application Partition? The AD LDS application partition holds the data that is used by the application A Single AD LDS Instance Application partition 1 Configuration partition Schema partition Multiple application directory partitions can be created in each LDS instance; however each partition would share a single set of configuration and schema partitions

  12. Demonstration: Configuring AD LDS Instances and Application Partitions • In this demonstration, you will see how to configure an AD LDS instance on a computer that is already running one instance

  13. AD LDS provides four default, role-based groups stored in the roles container of the appropriate partitions AD LDS Users and Groups

  14. AD LDS Access Control: How Does Access Control Work in AD LDS? Authenticates the identity of users requesting access to the directory, allowing only successfully authenticated users into the directory 1 Uses security descriptors, called access control lists (ACLs), on directory objects to determine which objects an authenticated user can access 2

  15. Lesson 3: Implementing AD LDS Replication • How AD LDS Replication Works • Why Implement AD LDS Replication?

  16. How AD LDS Replication Works • AD LDS uses multimaster replication: • All instances are writable • Changes on one instance are replicated to the other instances AD LDS servers replicate changes to all servers Client modifies “User 1” display name on Server 2 Client adds “User 2” on Server 1 Server 2 Server 1 Server 3

  17. Why implement AD LDS Replication? Why Implement AD LDS Replication? • High availability • Load balancing • Geographic limitations

  18. Lesson 4: Comparing AD DS and AD LDS • Similarities between AD DS and AD LDS • Differences between AD DS and AD LDS • Integrating AD DS and AD LDS

  19. Similarities between AD DS and AD LDS: Similarities Between AD DS and AD LDS • Support LDAP connections • Use multimaster replication • Support delegated administration • Use Extensible Storage Engine for the database store

  20. Differences Between AD DS and AD LDS

  21. Integrating AD DS and AD LDS To integrate AD DS and AD LDS: Prepare the schema for synchronization 1 Prepare the configuration for AdamSync 2 Run AdamSync 3

  22. Review Questions Summary of AD LDS Module Review and Takeaways

  23. Thanks for Watching!

More Related