Active Directory Flashcards
Active Directory
Active Directory authorizes and authenticates all users and computers in a Windows domain network, ensuring the security of the computer and software. Through Active Directory, various functions can be managed, such as creating admin users and connecting to printers or external hard drives.
Domain Controller
A Domain Controller is the server that holds the AD database. All AD changes get replicated to other DCs and vice versa.
LDAP
In Windows Server, LDAP is a protocol used for accessing Active Directory objects and for user authentication and authorization. LDAP is also used to store credentials in a network security system and retrieve them with your password and decrypted key, giving you access to the services.
FSMO roles
Flexible Single Master Operation (FSMO) roles: Active Directory has five special roles which are vital for the smooth running of AD as a multi-master system.
Some functions of AD require an authoritative master to which all Domain Controllers can refer.
There are five roles, divided into forest-based and domain-based roles.
Forest Based Roles
Schema Master
Domain Naming Master
Domain Based Roles
PDC emulator
RID Master
Infrastructure Master
SYSVOL
The System Volume (SYSVOL) is a shared directory that stores the
server copy of the domain’s public files that must be shared for common access and
replication throughout a domain. The SYSVOL folder on a domain controller
contains the following items:
- Net Logon shares. These typically host logon scripts and policy objects for
network client computers.
- User logon scripts for domains where the administrator uses Active Directory
Users and Computers.
- Windows Group Policy.
- File replication service (FRS) staging folder and files that must be available and
synchronized between domain controllers.
- File system junctions.
File system junctions are used extensively in the SYSVOL structure and are a
feature of NTFS file system 3.0. You must be aware of the existence of junction
points and how they operate so that you can avoid data loss or corruption that may
occur if you modify the SYSVOL structure.
What is the difference between Domain Admins and Enterprise Admins in AD?
Domain Admins Group
- Members of this group have complete control of the domain.
- By default, this group is a member of the Administrators group on all domain controllers, workstations and member servers at the time they are linked to the domain.
- As such, the group has full control in the domain; add users with caution.
Enterprise Admins Group
- Members of this group have complete control of all domains in the forest.
- By default, this group belongs to the Administrators group on all domain controllers in the forest.
- As such, this group has full control of the forest; add users with caution.
What is the use of Active Directory partitions, and how do you find the Active Directory partitions and their location?
Schema Partition: stores details about objects and attributes. Replicates to all domain controllers in the forest.
DN location is CN=Schema,CN=Configuration,DC=Domainname,DC=com
Configuration Partition: stores details about the AD configuration, such as site, site-link, subnet and other replication topology information. Replicates to all domain controllers in the forest.
DN location is CN=Configuration,DC=Domainname,DC=com
Domain Partition: stores object information for a domain, such as user, computer, group, printer and other domain-specific information. Replicates to all domain controllers within a domain.
DN location is DC=Domainname,DC=com
Kerberos
Kerberos is a network authentication protocol. It is built to offer strong authentication for server/client applications by using secret-key cryptography.
What is a Child DC?
A CDC, or child DC, is a sub domain controller under the root domain controller which shares its namespace.
What is Tree?
A tree is a hierarchical arrangement of Windows domains that share a contiguous namespace.
What is Domain?
Active Directory Domain Services is Microsoft’s Directory Server. It provides authentication and authorization mechanisms as well as a framework within which other related services can be deployed.
What is Active Directory Domain Controller (DC)?
A Domain Controller is the server that holds the AD database. All AD changes get replicated to other DCs and vice versa.
What is Forest?
A forest consists of multiple domain trees. The domain trees in a forest do not form a contiguous namespace; however, they share a common schema and global catalog (GC).
What is Schema?
The Active Directory schema is the set of definitions that define the kinds of objects, and the type of information about those objects, that can be stored in Active Directory. The schema is a collection of object classes and their attributes. Example: Object Class = User; Attributes = first name, last name, email, and others.