Active Directory Boundaries - Purpose
  • Replication Boundaries
  • Security Boundaries
Active Directory Boundaries - Types
  • Geographic vs Organizational
  • Contiguous vs Discontiguous namespace
  • e.g. oldcompany1.newcompany.com and oldcompany2.newcompany.com are 2 contiguous namespaces
Prestaging
  • forestprep and domainprep
  • Removal
Removing Domains or Trees
  • ADMT pruning/grafting
  • ADMTv3.1
Functional Levels
  • Viewing
  • Raising
  • Interoperability
  • UPN – User Principal Name
Simplifying Logon
  • Each user
    • Has a unique down-level logon name
    • Can have multiple friendly UPNs
Trust Basics
  • Trusts allow communication between the boundaries of domains and forests
  • 1 way Trust
  • 2 way Trust
Transitive Trusts
  • Extend permissions across multiple domains
  • Automatically created as new domain joins a tree or new child is created
Forest Trusts
  • Forest wide
  • Selective authentication
External Trusts
  • Non-Transitive
  • NT4.0 or Kerberos compatible
Shortcut Trust
  • Transitive
  • Speeds up authentication and authorization
Identity
  • Security Identifier (SID) filtering
Create Sites
  • Balance service delivered to all locations.
  • Inventory the number of users at each site
  • Inventory the types of WAN links
Create AD Subnets
  • Associate subnets with the site location that has the closest DC
Configure Site Links
  • Site Links = WAN links
  • Star vs Mesh
Associating Link Costs
  • Cost = Speed/Availability of WAN
Configure Infrastructure
  • Manually link Operations Masters with their backup servers
Global Catalog Servers
  • Deploy Global Catalog servers at each site when possible
Replication
  • Each domain can have its own replication topology and schedule
  • Different events have different priorities to trigger replication
DFS
  • DFS – Distributed File System
  • Method for synchronizing shared folders
  • Conflict and Deleted folder
  • Good for application distribution or other read-only data
Replication - Automatic
  • Knowledge Consistency Checker (KCC)
  • Bridgehead Server
  • Intersite Topology Generator
  • Scheduling
  • IP and SMTP protocols
Replication - Manual
  • Designate a specific bridgehead server
  • Make a one way replication partnership
  • Manually force replication after making changes to AD
Global Catalog Server
  • DC that contains information about other Domains
Promotion
  • Use the AD snap-in Sites and Services
  • Partial Attribute Set
Alternate Methods
  • UGMC – Universal Group Membership Caching
Domain Operations Masters
  • PDC emulator
  • Relative ID (RID)
  • Infrastructure
Forest Operations Masters
  • Schema Master
  • Domain Naming
Operations Master
  • Seize vs Transfer
  • Backup
  • Placement
Schema Master
  • Schema can be extended with various tools
  • Placement should be on a Global Catalog
  • Time Service is important for successful upgrades