Annex F03 Active Directory Logical Structure

Question 0

Active Directory

Answer 0

Collection of objects and their attributes is called the Active Directory Schema

The schema is created and maintained by network admins and there is only 1 schema per active directory instance

Question 1

Object

Answer 1

The basic building block of Active Directory

Users, computers, printers, servers and other network resources

Question 2

Security Groups

Answer 2

Objects in AD just like individual users

Security groups are useful because individual users can be associated with a security group and then have permissions applied to the group vice each and every users

Quick and efficient way to delegate out permissions to shared resources for a large collection of users

Question 3

Organizational Unit

Answer 3

Containers for objects
Like folders for files
Serve as administrative boundary. Eg. The regiment could delegate permissions to its subordinate Bns by giving them their own OU. Inside that OU, the data Marines for the Bn can control everything that happens

Question 4

Domaain

Answer 4

The cornerstone element of AD

The grouping of all objects that share common resources, services and administration

All of the objects and OU’s within a domain share a common security database and permissions hierarchy

Question 5

Tree

Answer 5

Mulltiple domains are arranged into a hierarchical structure called a tree

First domain is called root domain

Any subsequent domains created from the first domain are known as child domains

Question 6

Forest

Answer 6

The largest category of organizing objects and domains is called an AD forest

Question 7

Trust Relationships

Answer 7

Trust is defined as a link in AD between 2 domains and/or forests that allow users to access resources and services in another domain

Types include:
Parent/child
Tree/root
External Trust
Shortcut Trust (2 domains in same forest)
Realm Trust- AD to non Windows directory services
Forest Trusts-between 2 AD forests