Module II Active Directory
Network means to share data and resources.
Workgroup is a network without centralized management.
Domain is a network with centralized management.
DC (Domain Controller) is a server on which AD is installed.
AD (Active Directory) is the directory service of Windows Server 2000, 2003, 2008 and 2012 versions.
AD is a central location or repository in which we can get information about each and every object. Object means any resource of a network, like users, groups etc. By default there are 10 types of objects in Windows 2K8 and 2012 AD. The OS uses the SID number to identify any object. Objects can be stored and replicated in AD. Replication means automatic update between the links. FRS is used for replication in AD. The database file of AD is ntds.dit. Kerberos is an authentication protocol and LDAP is used to access the resources.
There are different functional levels or modes of AD domain and AD forest :-
1. Mixed mode
2. W2K Native mode
3. W2K3 Native mode
4. W2K8 Native mode
5. Windows 2008 R2 Native mode
6. Windows 2012 Native mode
7. Windows 2012 R2 Native mode
The logical structure of AD :-
Forest -> Tree -> Domain -> OU (Organizational Unit)
The physical structure of AD :-
DC (Domain Controller): It is used to control the entire domain.
Types of DC :-
1. GCS
2. ADC
3. CDC
4. RODC
NOTE:
1. RODC (Read Only Domain Controller) is a feature of W2K8 and Windows 2012 only.
2. We cannot use more than GCS within a particular domain in Windows 2000.
3. Mixed mode is not supported in Windows 2008 and 2012.
4. dcpromo is not available in Windows 2012.
GCS (Global Catalog Server)
GCS is the first DC of a domain; it is used for user authentication, user logon process etc. It has information about the entire forest or multiple domains. By default GCS can play all 5 FSMO roles. GCS means the DC which has the original copy of the ntds.dit database, which is known as the Global Catalog.
ADC (Additional Domain Controller)
ADC is a new DC in the existing domain; it is used for load balancing and fault tolerance of GCS or the domain. Active Directory is the same in GCS and ADC because full replication can take place between them. ADC can make a duplicate copy of AD from GCS. ADC has information about its own domain only. By default ADC cannot play any FSMO roles, but we can transfer all 5 FSMO roles to ADC. If GCS fails, then ADC will not be operational, but it can work as a backup copy and we can also upgrade ADC into GCS.
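To see how the roles described above are actually spread over the DCs of a domain, the following added example (not part of the original notes) summarises each DC's Global Catalog flag, read-only flag and FSMO roles, and notes when one DC holds all 5 roles with no second writable DC available. The function name Get-DcRoleSummary and the host names in the sample are assumptions made for illustration; the sample inventory is constructed.

```powershell
# Added example, not from the original notes. Get-DcRoleSummary is a hypothetical helper name.
# Input objects need Name, IsGlobalCatalog, IsReadOnly and OperationMasterRoles,
# the property names returned by Get-ADDomainController.
function Get-DcRoleSummary {
    param([Parameter(Mandatory)][object[]]$DomainControllers)

    $allRoles = 'SchemaMaster', 'DomainNamingMaster', 'PDCEmulator', 'RIDMaster', 'InfrastructureMaster'
    $writable = @($DomainControllers | Where-Object { -not $_.IsReadOnly })
    $seen = @()

    foreach ($dc in $DomainControllers) {
        # Normalise role values (enum or string) to strings and drop nulls.
        $held = @($dc.OperationMasterRoles | Where-Object { $null -ne $_ } | ForEach-Object { "$_" })
        $seen += $held
        $notes = @()
        if ($dc.IsReadOnly -and $held.Count -gt 0) {
            $notes += 'read-only DC listed as FSMO holder: verify the inventory'
        }
        if ($held.Count -eq $allRoles.Count -and $writable.Count -lt 2) {
            $notes += 'holds all 5 FSMO roles and no second writable DC exists to take them over'
        }
        [pscustomobject]@{
            Name          = $dc.Name
            GlobalCatalog = [bool]$dc.IsGlobalCatalog
            ReadOnly      = [bool]$dc.IsReadOnly
            FsmoRoles     = $held -join ', '
            Notes         = $notes -join '; '
        }
    }

    # Roles that no DC in the supplied list holds.
    $unheld = @($allRoles | Where-Object { $_ -notin $seen })
    if ($unheld.Count -gt 0) { Write-Warning "No holder found for: $($unheld -join ', ')" }
}

# Constructed sample inventory (hypothetical host names), so the function runs without a domain.
$sample = @(
    [pscustomobject]@{ Name = 'DC01'; IsGlobalCatalog = $true; IsReadOnly = $false
        OperationMasterRoles = @('SchemaMaster', 'DomainNamingMaster', 'PDCEmulator', 'RIDMaster', 'InfrastructureMaster') }
    [pscustomobject]@{ Name = 'BR-RODC01'; IsGlobalCatalog = $false; IsReadOnly = $true
        OperationMasterRoles = @() }
)
Get-DcRoleSummary -DomainControllers $sample | Format-List

# On a domain-joined host with the ActiveDirectory module (RSAT):
# Get-DcRoleSummary -DomainControllers (Get-ADDomainController -Filter *)
```

In a forest with several domains, the two forest-wide roles (SchemaMaster and DomainNamingMaster) are held in the forest root domain, so the warning about unheld roles is expected when only a child domain's DCs are passed in.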