Understanding Active Directory Concepts:-
In the Windows Server 2003 family and Active Directory, there are several new concepts and some changes to the concepts used in Windows NT. These concepts include replication, trust relationships, change and configuration management, group policies, DNS, and object naming. It is important that you understand the meaning of these concepts as they apply to Active Directory. In addition, you should also familiarize yourself with the Active Directory administration tasks, which correspond to the chapters in this training kit.

After this lesson, you will be able to
■ Explain Active Directory replication
■ Explain the security relationships between domains in a tree (trusts)
■ Explain the components of change and configuration management
■ Explain the purpose and function of Group Policy
■ Describe how DNS is used by Active Directory
■ Describe how objects are named in Active Directory
■ Describe the tasks required for Active Directory administration

Replication

Users and services should be able to access directory information at any time from any computer in the domain tree or forest. Replication ensures that changes to a domain controller are reflected in all domain controllers within a domain. Directory information is replicated to domain controllers both within and among sites.

What Information Is Replicated

The information stored in the directory (in the Ntds.dit file) is logically partitioned into four categories. Each of these information categories is referred to as a directory partition. A directory partition is also referred to as a naming context. These directory partitions are the units of replication. The directory contains the following partitions:

■ Schema partition. This partition defines the objects that can be created in the directory and the attributes those objects can have. This data is common to all domains in a forest and is replicated to all domain controllers in a forest.
■ Configuration partition. This partition describes the logical structure of the deployment, including data such as domain structure or replication topology. This data is common to all domains in a forest and is replicated to all domain controllers in a forest.
■ Domain partition. This partition describes all of the objects in a domain. This data is domain-specific and is not replicated to any other domains. However, the data is replicated to every domain controller in that domain.
■ Application directory partition. This partition stores dynamic application-specific data in Active Directory without significantly affecting network performance by enabling you to control the scope of replication and the placement of replicas. The application directory partition can contain any type of object except security principals (users, groups, and computers). Data can be explicitly rerouted to administrator-specified domain controllers within a forest in order to prevent unnecessary replication traffic, or it can be set to replicate everything to all domain controllers in the same fashion as the schema, configuration, and domain partitions.
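
The partition types and replication scopes described above, as an added example that is not part of the original text: it classifies partitions from crossRef records (the objects under CN=Partitions in the configuration partition) using their systemFlags bits and, for application partitions, the msDS-NC-Replica-Locations attribute. It goes slightly beyond the text by showing where this information is stored; the example.com forest, server names and records are constructed sample data.

```python
import re

# crossRef systemFlags bits (crossRef objects live under CN=Partitions,CN=Configuration,...)
FLAG_CR_NTDS_NC = 0x1      # naming context is held by Active Directory
FLAG_CR_NTDS_DOMAIN = 0x2  # naming context is a domain partition

FOREST_WIDE = "every domain controller in the forest"
DOMAIN_WIDE = "every domain controller in that domain"

def server_of(ntds_dsa_dn):
    """Pull the server name out of an nTDSDSA DN (CN=NTDS Settings,CN=<server>,...)."""
    m = re.match(r"CN=NTDS Settings,CN=([^,]+),", ntds_dsa_dn, re.IGNORECASE)
    return m.group(1) if m else ntds_dsa_dn

def classify_partitions(crossrefs, schema_nc, config_nc):
    """Return {nCName: (partition type, replication scope)} for AD-held partitions."""
    result = {}
    for cr in crossrefs:
        flags, dn = cr.get("systemFlags", 0), cr["nCName"]
        if not flags & FLAG_CR_NTDS_NC:
            continue  # external reference, not a partition of this directory
        if flags & FLAG_CR_NTDS_DOMAIN:
            result[dn] = ("domain", DOMAIN_WIDE)
        elif dn.lower() == schema_nc.lower():
            result[dn] = ("schema", FOREST_WIDE)
        elif dn.lower() == config_nc.lower():
            result[dn] = ("configuration", FOREST_WIDE)
        else:
            # Application partition: replicas exist only on the listed DCs.
            hosts = sorted(server_of(r) for r in cr.get("msDS-NC-Replica-Locations", []))
            result[dn] = ("application", "only: " + ", ".join(hosts))
    return result

# Constructed sample data for a hypothetical forest example.com with two domains.
SITE = ",CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com"
SCHEMA_NC = "CN=Schema,CN=Configuration,DC=example,DC=com"
CONFIG_NC = "CN=Configuration,DC=example,DC=com"
SAMPLE = [
    {"nCName": SCHEMA_NC, "systemFlags": 1},
    {"nCName": CONFIG_NC, "systemFlags": 1},
    {"nCName": "DC=example,DC=com", "systemFlags": 3},
    {"nCName": "DC=child,DC=example,DC=com", "systemFlags": 3},
    {"nCName": "DC=ForestDnsZones,DC=example,DC=com", "systemFlags": 5,
     "msDS-NC-Replica-Locations": ["CN=NTDS Settings,CN=DC3" + SITE,
                                   "CN=NTDS Settings,CN=DC1" + SITE]},
    {"nCName": "DC=partner,DC=test", "systemFlags": 0},  # external crossRef
]

if __name__ == "__main__":
    for dn, (kind, scope) in classify_partitions(SAMPLE, SCHEMA_NC, CONFIG_NC).items():
        print(f"{kind:14} {dn}\n               replicated to {scope}")
```
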