Active Directory Tutorial Pdf

  1. What is Directory Service?
  2. Active Directory
  3. History of Directory Service
  4. Advantage of LDAP
  5. Back to Active Directory
  6. Naming conventions
  7. Requirement of DNS
  8. AD objects
  9. AD Database
  10. Schema
  11. Domain, Tree and Forest


  • A directory service is a container that provides a hierarchical structure and lets you store objects for quick and easy access and manipulation. A directory service is like an electronic phone directory that lets you search for a name and retrieve the phone number, address, or other information without knowing where that person lives.
  • Before directory services, if you needed a file, you needed to know the name of the file, the name of the server on which it was stored, and its folder path. This works well on a small network, but as the network grows it becomes challenging.
  • A directory service is the means by which users and administrators can locate resources regardless of where those resources are located.
  • Earlier, a typical user could also have more than one user account or password, and as the network grew the number of usernames and passwords also increased, for example one for the file server, one for the email server, and so on.


  • Active Directory is Microsoft’s answer to directory services and it does a lot more than just locating resources.
  • Active Directory takes care of this by using Kerberos authentication and Single Sign-On (SSO). SSO means the ability of Kerberos to provide a user with one set of credentials and grant them access across a range of resources and services with that same set of credentials. Kerberos authenticates the credentials and issues the user a ticket with which the user gains access to the resources and services that support Kerberos.
  • Active Directory also makes user management easier, as it acts as a single repository for all of this user- and computer-related information.
  • The predecessor of today's directory services is the X.500 specification, which emerged from the International Telecommunications Union (ITU), formerly the CCITT (Comité Consultatif International Téléphonique et Télégraphique).
  • X.500 sits at the Application layer in the OSI model. X.500 contains several component databases that work together as a single entity.
  • The primary database is the Directory Information Base (DIB), which stores information about the objects. A major limitation was its lack of integration with Internet Protocol (IP).
  • The protocol it used was the Directory Access Protocol, or DAP. DAP offered more functionality than is required for implementing directory services, so a scaled-down version called the Lightweight Directory Access Protocol (LDAP) was made. It was later recognized as a standard by the Internet Engineering Task Force (IETF).
  • LDAP relies on the TCP/IP stack rather than the OSI stack
  • It integrates with IP and enables IP clients to use LDAP to query directory services.
  • LDAP can perform hyper-searches, giving one directory the ability to defer to another to provide requested data.
  • LDAP’s API is C-based
  • Like X.500, LDAP uses an inverted-tree hierarchical structure
  • LDAP supports Kerberos authentication, Simple Authentication and Security Layer (SASL), and Secure Sockets Layer (SSL)
  • Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols.
  • AD is Microsoft’s answer to directory services and it does a lot more than just locating resources.
  • AD uses LDAP as its access protocol.
  • AD relies on DNS as its locator service, enabling clients to locate domain controllers through DNS queries.
  • Let's understand Active Directory in more detail.
  • AD contains information about objects in your enterprise.
  • These objects can be computers, users, printers etc.
  • AD is a container with nested containers holding other containers or objects.
  • And we name these containers and objects so that it's easy to query or search.
  • User Principal Names, or UPN
  • LDAP names, also known as Distinguished Names
  • The UPN is the one you'll probably find most familiar; it follows the RFC 822 specification.
  • This has the same format as your email address, like ashwin@road2master.ms
  • They take the form user@domain
  • If you have a user named User01 under Active Directory domain Domain01.local, the UPN will be User01@Domain01.Local
  • We will discuss more about AD domain later.
  • In AD you can create custom UPNs too, which means you can also add User01@Domain01.com or User01@xyz.com as UPN for above mentioned object.
  • More on these later.
  • A Distinguished Name typically has this format:

cn=common name

ou=organizational unit

dc=domain

For example: cn=Ashwin,ou=Trainer,dc=Road2Master,dc=ms

  • And query should look like this for the

LDAP://R2MAD01.road2master.ms/cn=Ashwin,ou=Trainer,dc=Road2Master,dc=ms

R2MAD01.road2master.ms is the FQDN of the Domain Controller.
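
The naming formats above can be taken apart in code. The following PowerShell is an added example, not part of the original tutorial: it splits a Distinguished Name into its components while honoring backslash escapes, derives the DNS domain from the dc= parts, and rebuilds the LDAP path. The function names are hypothetical, and the second DN (with an escaped comma in the cn) is a constructed sample showing why a plain split on commas is not safe.

```powershell
# Added example: parse a Distinguished Name without breaking on escaped commas.
# Function names are hypothetical; legacy quoted values ("...") are not handled.
function Split-DistinguishedName {
    param([Parameter(Mandatory)][string]$DN)
    $parts   = New-Object System.Collections.Generic.List[string]
    $buf     = New-Object System.Text.StringBuilder
    $escaped = $false
    foreach ($ch in $DN.ToCharArray()) {
        if ($escaped)        { [void]$buf.Append($ch); $escaped = $false }  # char after '\' is literal
        elseif ($ch -eq '\') { [void]$buf.Append($ch); $escaped = $true }
        elseif ($ch -eq ',') { $parts.Add($buf.ToString().Trim()); [void]$buf.Clear() }
        else                 { [void]$buf.Append($ch) }
    }
    $parts.Add($buf.ToString().Trim())
    foreach ($rdn in $parts) {
        # Each component is type=value; split on the first '=' only.
        $type, $value = $rdn -split '=', 2
        [pscustomobject]@{ Type = $type.Trim().ToLower(); Value = $value }
    }
}

function ConvertTo-DnsDomain {
    param([Parameter(Mandatory)][string]$DN)
    # The dc= components, joined left to right, give the DNS name of the domain.
    $dc = Split-DistinguishedName $DN | Where-Object Type -eq 'dc' | ForEach-Object Value
    ($dc -join '.').ToLower()
}

$dn     = 'cn=Ashwin,ou=Trainer,dc=Road2Master,dc=ms'         # DN used in the tutorial
$tricky = 'cn=Smith\, John,ou=Trainer,dc=Road2Master,dc=ms'   # constructed sample

# Four components, not five: the escaped comma stays inside the cn value.
Split-DistinguishedName $tricky | Format-Table -AutoSize

# Domain part of the DN, and the LDAP path against the tutorial's DC (R2MAD01).
$domain = ConvertTo-DnsDomain $dn
"LDAP://R2MAD01.$domain/$dn"
```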

  • The DNS server must support:
  • Service resource (SRV) records
  • The dynamic update protocol specified by RFC 2136
  • AD relies on DNS as its primary locator service, although it's not the only mechanism for locating domain controllers (DCs).
  • A domain controller is a server that has Active Directory installed.
  • When a domain controller starts:
  • It registers both its DNS name and NetBIOS name. More on NetBIOS names later.
  • It adds LDAP-specific SRV records in DNS to enable LDAP clients to locate DCs through LDAP queries.
  • It also adds Kerberos authentication protocol-specific SRV records to enable clients to locate servers running the Kerberos Key Distribution Center (KDC) service.
  • Each DC also adds an A record that enables clients that don’t support SRV records to locate the DC through a simple host record lookup. You can disable this if required.
  • Objects in AD can be either containers for other objects or they can be leaf objects, which do not serve as containers.
  • Objects in AD have attributes, and these attributes not only define the object but also store data. This defines the character of that Object.
  • Some attributes are optional and some are mandatory.
  • Optional : Phone Number
  • Mandatory: Username
  • When an object is created, AD assigns it a GUID, which is a 128-bit number, and no two objects in AD have the same GUID.
  • And if an object is moved from AD, its GUID is not deleted.
  • Objects in AD are protected by Access Control Lists (ACLs).
  • More on Security later.
  • The ESE comprises tables that define the structure of the directory.
  • The Database Layer has three partitions that define the contents of AD, with an optional fourth table or partition.
  • This stores the Active Directory Schema.
  • The Active Directory Schema defines what types of objects can be created in the directory,
  • How those objects relate to one another, and what the mandatory and optional attributes of each object are,
  • And how one can create such objects.
  • This contains configuration of AD.
  • This partition stores the objects.
  • This is an optional fourth partition that an administrator can create.
  • More on this later.
  • More about the AD database in the upcoming parts.
  • The Active Directory Schema defines what types of objects can be created in the directory,
  • How those objects relate to one another, and what the mandatory and optional attributes of each object are,
  • And how one can create such objects.
  • The schema needs to be updated whenever you need to create a new type of object or add anything that requires a new attribute.
  • Objects created in AD are grouped into domains.
  • The objects for a single domain are stored in a single database (which can be replicated).
  • A tree is a collection of one or more domains
  • A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration.
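
For the DNS requirements listed earlier (the SRV records a DC registers for LDAP and Kerberos), the following PowerShell is an added example, not part of the original tutorial, that queries the locator records for a domain and flags any that are missing or that point at a host outside a list of known DCs. Because these records are registered through dynamic update, checking their targets against an expected list is a useful integrity check. The domain and DC name are the tutorial's sample values; the approved list and the function name are assumptions.

```powershell
# Added example: verify the DC locator SRV records for a domain.
# Assumptions: $ApprovedDCs is maintained by the administrator;
# road2master.ms / R2MAD01 are the sample names used in the tutorial.
$Domain      = 'road2master.ms'
$ApprovedDCs = @('r2mad01.road2master.ms')

# SRV owner names that DCs register for LDAP and Kerberos (KDC) location.
$SrvNames = @(
    "_ldap._tcp.$Domain",
    "_ldap._tcp.dc._msdcs.$Domain",
    "_kerberos._tcp.$Domain",
    "_kerberos._tcp.dc._msdcs.$Domain"
)

function Get-DcLocatorReport {
    param([string[]]$Names, [string[]]$Approved)
    foreach ($name in $Names) {
        # -DnsOnly skips LLMNR/NetBIOS so only the DNS answer is evaluated.
        $answers = Resolve-DnsName -Name $name -Type SRV -DnsOnly -ErrorAction SilentlyContinue |
                   Where-Object { $_.Type -eq 'SRV' }
        if (-not $answers) {
            [pscustomobject]@{ Record = $name; Target = $null; Port = $null; Status = 'MISSING' }
            continue
        }
        foreach ($a in $answers) {
            $target = $a.NameTarget.TrimEnd('.').ToLowerInvariant()
            $status = if ($Approved -contains $target) { 'OK' } else { 'UNEXPECTED TARGET' }
            [pscustomobject]@{ Record = $name; Target = $target; Port = $a.Port; Status = $status }
        }
    }
}

Get-DcLocatorReport -Names $SrvNames -Approved $ApprovedDCs | Format-Table -AutoSize
```

A MISSING row usually means the DC could not register its records (for example, the zone does not allow dynamic updates); an UNEXPECTED TARGET row means clients can be directed to a host that is not on the approved list and should be investigated.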


In this chapter, we will see how to install Active Directory in Windows Server 2012 R2. Many of us who worked with previous versions ran DCPROMO.EXE to install it, but in the 2012 version Microsoft recommends not using it anymore.

To continue with the installation, follow the steps given below.

Step 1 − Go to “Server Manager” → Manage → Add Roles and Features.

Step 2 − Click the Next button.


Step 3 − As we are installing AD on this machine, we will select “Role-based or feature-based Installation” → Next.

Step 4 − Click on “Select a server from the server pool”; this is the case when it will be installed locally.

Step 5 − Check the box next to Active Directory Domain Services. A box will appear explaining the additional role services or features that are also required to install domain services.

Step 6 − Click Add Features.

Step 7 − Check “Group Policy Management” → Next.

Step 8 − Click the “Next” button.

Step 9 − Click “Install”.

The installation screen will come up now, and you have to wait until the installation bar completes.

Now that the installation of the DC role is finished, you have to configure it for your server.

Step 10 − Click “Server Manager” → Open the Notifications Pane by selecting the Notifications icon from the top of the Server Manager. From the notification regarding configuring AD DS (Active Directory Domain Services), click Promote this server to a domain controller.

Step 11 − Click “Add a new forest” → Insert your root domain name into the Root domain name field. In my case, I have put “example.com”.

Step 12 − Select a Domain and Forest functional level. Once selected, fill in a DSRM password in the provided password fields. The DSRM password is used when booting the Domain Controller into recovery mode.

Step 13 − In the next screen which shows up, there is a warning on the DNS Options tab, click OK and then select Next.


Step 14 − Enter NETBIOS name and click “Next”.

Step 15 − Select location of the SYSVOL, Log files and Database folders and then click Next.


Step 16 − Click “Install” and wait until it is finished. The server will restart several times.


The installation is now complete.
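
The wizard steps above can also be scripted. The following PowerShell is an added example, not part of the original tutorial; it mirrors Steps 1 to 16 and runs the prerequisite check before promoting the server. The domain name example.com comes from Step 11; the NetBIOS name, the functional level, the DNS option and the folder paths are assumed values to adjust for your environment.

```powershell
# Added example: scripted equivalent of Steps 1-16. Run in an elevated session.
# Assumed values (not from the tutorial): NetBIOS name, functional level,
# DNS option and folder paths.

# Steps 1-9: add the AD DS role, Group Policy Management and the admin tools.
$role = Install-WindowsFeature -Name AD-Domain-Services, GPMC -IncludeManagementTools
if (-not $role.Success) { throw 'AD DS role installation failed.' }

# Step 12: prompt for the DSRM password so it is never stored in the script.
# This is a local recovery credential for the DC; keep it unique per server.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

# Steps 11-15 as one parameter set, reused for the pre-check and the promotion.
$forest = @{
    DomainName                    = 'example.com'        # Step 11 (tutorial value)
    DomainNetbiosName             = 'EXAMPLE'            # Step 14 (assumed)
    ForestMode                    = 'Win2012R2'          # Step 12 (assumed)
    DomainMode                    = 'Win2012R2'          # Step 12 (assumed)
    InstallDns                    = $true                # Step 13 (assumed: DNS on this DC)
    DatabasePath                  = 'C:\Windows\NTDS'    # Step 15 (assumed)
    LogPath                       = 'C:\Windows\NTDS'    # Step 15 (assumed)
    SysvolPath                    = 'C:\Windows\SYSVOL'  # Step 15 (assumed)
    SafeModeAdministratorPassword = $dsrm
}

Import-Module ADDSDeployment

# Run the prerequisite checks before changing anything on the server.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message
if ($check | Where-Object { "$($_.Status)" -ne 'Success' }) {
    throw 'Prerequisite check did not succeed; review the messages above.'
}

# Step 16: promote the server to the first DC of the new forest.
# -Force suppresses the confirmation prompt; the server restarts when done.
Install-ADDSForest @forest -Force
```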