Active Directory Structure

Question 1

*Logical:

Objects

Answer 1

• Most basic component
• Object classes = templates or blueprints for creatable types of objects in AD
• Each object class = defined by a group of attributes, which define the possible values one can associate with an object
• Each object = unique combination of attributed values

Question 2

*Logical:
Organizational units (OU)

Answer 2

• Container objects to arrange other objects in support of administrative purposes
• Easier to locate and manage objects
• Delegation of authority to manage an OU
• OU in OU => simplify mgmt of objects

Question 3

*Logical:

Domains

Answer 3

• Core functional units
• Admin defined objects that share a common dir database, sec policies and trust relationships with other domains
• 3 functions:
• admin boundary for objects
• mgmt of sec for shared resources
• Unit of replication for objects

Question 4

*Logical:

Domain trees

Answer 4

*Domains grouped in hierarchical structures
*Second domain added => child of the tree root domain
*Parent domain -> Child domain -> Child domain
*Name of child domain is combined with name of parent domain => own unique DNS (idcn.mil.intra)
=>Tree has a contiguous namespace

Question 5

*Logical:

Forest

Answer 5

A forest is a complete instance of AD => consists of 1 of more trees

Question 6

*Physical:
Domain Controllers (DC)

Answer 6

• Computers that run MS Win Server and AD
• Each DC performs storage and replication functions
• A DC can support only one DC
• Each domain should have more than 1 DC iot ensure continuous availability of AD

Question 7

*Physical:

AD Sites

Answer 7

• Groups of well-connected computers
• DCs within a single site communicate frequently => minimizes latency within the site (replication of changes to other DCs
• Created iot optimize use of bandwith between DCs in different locations