Overview of Windows 2003 OS and Directory Services

Overview of Windows Server 2003 Operating System and Directory Services

Md. Shihab Uddin Khan, Associate Professor, BIBM


Overview of Windows Server 2003

A multipurpose operating system with integrated support for client/server and peer-to-peer networks.

More secure, more reliable, more available and easier to administer than any previous version of Windows.

Microsoft released four editions of Windows 2003:

Windows 2003, Web Edition

Windows 2003, Standard Edition

Windows 2003, Enterprise Edition

Windows 2003, Datacenter Edition


Features of Windows Server 2003 Web Edition

Designed specifically for Web services.

Easy deployment of Web pages, Web sites, Web applications, and Web services.

Supports 2 gigabytes (GB) of RAM and a two-way symmetric multiprocessor (SMP).

Provides unlimited anonymous web connections.

The server cannot be a DHCP or fax server.

Although you can remotely administer the server with Remote Desktop, the server cannot be a terminal server.

Cannot be a domain controller.


Features of Windows Server 2003, Standard Edition

This flexible server is the ideal choice for small businesses and departmental use.

Internet Authentication Service (IAS)

Internet Connection Sharing (ICS).

Offers secure Internet connectivity.

Allows centralized desktop application deployment.

4-way symmetric multiprocessing (SMP).

4 gigabytes (GB) of RAM.


Features of Windows Server 2003, Enterprise Edition

Designed for medium to large businesses.

It is the platform of choice for applications, Web services, and infrastructure, delivering high reliability, performance & superior business value.

8-way symmetric multiprocessing (SMP).

Eight-node clustering.

Supports up to 32 GB of RAM with the 32-bit version.

The 64-bit version supports up to 64 GB of RAM.

Includes Windows System Resource Manager to facilitate consolidation and system management.


Figure- Two-node Server cluster running Windows Server 2003, Enterprise Edition


Features of Windows Server 2003 Datacenter Edition

It is built for business-critical and mission-critical applications that demand the highest levels of reliability, availability, and scalability.

Supports up to 32-way SMP and 64 GB of RAM with the 32-bit version.

Supports up to 64-way SMP and 512 GB of RAM with the 64-bit version.

Provides both eight-node clustering and load balancing services as standard features.


Figure - Four-node Server cluster running Windows Server 2003 Datacenter Edition


Networking Model

Workgroup Model

Domain Model / Client Server Model


Workgroup Model

A logical grouping of networked computers that share resources, such as files and printers.

It is referred to as a peer-to-peer network.

Each computer in the workgroup runs either Windows 2k Server, Windows 2k Professional, Windows 2003 Server or Windows XP Professional.

Each computer maintains a local security database.

The administration of user accounts and resource security is decentralized.

Workgroup Model

Figure: Four computers in a workgroup (Windows 2k Server, Windows 2k Professional, Windows XP Professional, Windows 2003 Server), each with its own Local Security Database.

Disadvantage of using Workgroup

A user must have a user account on each computer to which he or she wants to gain access.

Any change to user accounts, such as changing a user’s password or adding a new user account, must be made on each computer in the workgroup.

Device and file sharing is handled by individual computers, and only for the users that have accounts on each individual computer.


Domain Model

A logical grouping of networked computers that share a central directory database.

A directory database contains user accounts and security information for the domain.

Domain Model

Figure: A domain with a Domain Controller, a Member Server and two Client Computers.

The Windows 200X domain model has the following types of computers:

Domain Controller: A domain controller is a computer running Windows 200X Server that stores and maintains a copy of the directory (AD Database). In a domain you create a user account once, which Windows 200X records in the directory.

When a user logs on to a computer in the domain, a domain controller checks the directory for the user name, password, and logon restrictions to authenticate the user. Administrators can manage user accounts, network access, shared resources, site topology, and other directory objects from any domain controller in the forest.


Member Server: A member server is a server that is not configured as a Domain Controller. A member server does not store directory information and cannot authenticate domain users. Member servers provide shared resources such as shared folders and printers. A member server also acts as an application server.

Client Computer: Client computers run the user's desktop environment and allow the user to gain access to resources in the domain.


Directory Service

A directory service is a network service that stores information about network resources and makes that information available to users and applications. It enables the user to find an object when given any one of its attributes. Active Directory is the directory service in the Windows Server 200X family.

Benefits:

DNS integration

Scalability

Centralized management

Delegated administration

Active Directory

The Windows-based directory service. Active Directory stores information about objects on a network and makes this information available to users and network administrators.

Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration for all network objects.

Directory: An information source that contains information about users, computer files, or other objects. In a file system, a directory stores information about files. In a distributed computing environment (such as a Windows domain), the directory stores information about objects such as printers, fax servers, applications, databases, and other users.

Active Directory Terms

Figure: Diagram labelling a forest, a tree, a domain and the organizational units (OU) in a domain, using the domain names bibm.com, dhaka.bibm.com, mirpur.dhaka.bibm.com and ctg.bibm.com.

DNS and Active Directory Namespaces

Figure: The DNS namespace on the Internet (DNS root domain ".", com, microsoft, sales, training, computer1) shown beside the Active Directory namespace (microsoft.com, sales.microsoft.com, training.microsoft.com). Legend: DNS node (domain or computer); Active Directory domain.

DNS Host Names and Windows 2003 Computer Names

The DNS host record and the Active Directory object represent the same physical computer.

DNS allows computers to locate domain controllers within Active Directory.

Figure: The Active Directory side shows training.microsoft.com with Builtin, Computers, Computer1 and Computer2; the DNS side shows ".", com, microsoft, sales, training and computer1.

FQDN = computer1.training.microsoft.com

Windows 2003 Computer Name = Computer1

Domain, Tree and Forest

Domain: A domain is a collection of computers, users, organizational units and groups defined by an administrator, which share a common directory database and security.

A domain has a unique name and provides access to the centralized user accounts and group accounts maintained by the domain administrator. Example: bibm.com.


Tree: A tree is a hierarchical arrangement of one or more domains that share a contiguous namespace.

When you add a domain to an existing tree, the new domain is a child domain of an existing parent domain. The name of the child domain is combined with the name of the parent domain.

All domains within a single tree share a common schema and global catalog.

Every child domain has a two-way, transitive trust relationship with its parent domain.

Schema, Global Catalog, Object Class

Object: An entity, such as a file, folder, shared folder, printer, or Active Directory object, described by a distinct, named set of attributes. For example, the attributes of a File object include its name, location, and size; the attributes of an Active Directory User object might include the user's first name, last name, and e-mail address.

Object Class: A distinct, named set of attributes that represents a specific type of entity stored in the directory, such as users, printers, or applications. The attributes include data describing the thing that is identified by the directory object. Attributes of a user might include the user's first name, last name, and e-mail address.

Attributes: For files, information that indicates whether a file is read-only, hidden, ready for archiving (backing up), compressed, or encrypted, and whether the file contents should be indexed for fast file searching. In Active Directory, a property of an object. For each object class, the schema defines which attributes an instance of the class must have and which additional attributes it might have.


Schema: The set of definitions for the universe of objects that can be stored in a directory. For each object class, the schema defines which attributes an instance of the class must have, which additional attributes it can have, and which other object classes can be its parent object class.

Global Catalog: A directory database that applications and clients can query to locate any object in a forest. The global catalog is hosted on one or more domain controllers in the forest. It contains a partial replica of every domain directory partition in the forest. These partial replicas include replicas of every object in the forest, as follows: the attributes most frequently used in search operations and the attributes required to locate a full replica of the object.

In Microsoft Provisioning System, the Exchange server maintains a list of global catalogs, and it maintains a load balance across global catalogs.
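The three rules in the Schema definition above (mandatory attributes, optional attributes, permitted parent classes) can be seen at work in a small validator. This is an added example, not part of the original slides; the schema table is constructed and simplified for illustration and is not the real Active Directory schema.

```python
# Constructed, simplified schema (assumption, not the real AD schema).
# For each object class: attributes it must have, attributes it may
# have, and the object classes allowed to be its parent.
SCHEMA = {
    "organizationalUnit": {"must": {"ou"}, "may": {"description"},
                           "parents": {"domain", "organizationalUnit"}},
    "user": {"must": {"cn", "sAMAccountName"},
             "may": {"givenName", "sn", "mail"},
             "parents": {"domain", "organizationalUnit"}},
    "printer": {"must": {"cn"}, "may": {"location"},
                "parents": {"organizationalUnit"}},
}

def validate(object_class, attributes, parent_class, schema=SCHEMA):
    """Return a list of schema violations; an empty list means valid."""
    if object_class not in schema:
        return [f"unknown object class: {object_class}"]
    rule = schema[object_class]
    present = set(attributes)
    errors = []
    # Rule 1: every mandatory attribute has to be present.
    for name in sorted(rule["must"] - present):
        errors.append(f"missing mandatory attribute: {name}")
    # Rule 2: anything else has to be on the optional list.
    for name in sorted(present - rule["must"] - rule["may"]):
        errors.append(f"attribute not allowed for {object_class}: {name}")
    # Rule 3: the container has to be a permitted parent class.
    if parent_class not in rule["parents"]:
        errors.append(f"{object_class} cannot be created under {parent_class}")
    return errors

if __name__ == "__main__":
    good = {"cn": "Rahim", "sAMAccountName": "rahim", "mail": "rahim@bibm.com"}
    print(validate("user", good, "organizationalUnit"))
    print(validate("user", {"cn": "Rahim", "badge": "17"}, "printer"))
```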


Domain, Tree and Forest

Forest: A forest is one or more trees. A forest does not share a contiguous namespace.

All trees in a forest share a common schema and global catalog.

Every tree root domain has a transitive trust relationship with the forest root domain.

Each tree in a forest has its own unique namespace.

Put another way, a forest is one or more Active Directory domains that share the same class and attribute definitions (schema), site and replication information (configuration), and forest-wide search capabilities (global catalog). Domains in the same forest are linked with two-way, transitive trust relationships.
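The tree and forest rules above (contiguous namespace inside a tree, child-to-parent trusts, tree-root-to-forest-root trusts) are enough to compute which trusts join any two domains. This is an added example, not part of the original slides; the bibm.com names come from the slides, while example.org and lab.example.org are made-up names for a second tree.

```python
from collections import deque

# Constructed sample forest. The bibm.com names come from the slides;
# example.org and lab.example.org are made-up names for a second tree.
FOREST_ROOT = "bibm.com"
DOMAINS = ["bibm.com", "dhaka.bibm.com", "mirpur.dhaka.bibm.com",
           "ctg.bibm.com", "example.org", "lab.example.org"]

def parent_of(domain, domains):
    """Parent in the contiguous namespace, or None for a tree root."""
    suffix = domain.partition(".")[2]
    return suffix if suffix in domains else None

def trees(domains):
    """Group domains by the root of the tree they belong to."""
    grouped = {}
    for domain in domains:
        root = domain
        while parent_of(root, domains):
            root = parent_of(root, domains)
        grouped.setdefault(root, []).append(domain)
    return grouped

def trust_links(domains, forest_root):
    """Two-way trusts: child with parent, tree root with forest root."""
    links = set()
    for domain in domains:
        partner = parent_of(domain, domains)
        if partner is None and domain != forest_root:
            partner = forest_root
        if partner:
            links.add(frozenset((domain, partner)))
    return links

def trust_path(src, dst, domains=DOMAINS, forest_root=FOREST_ROOT):
    """Chain of trusts joining src to dst (breadth-first search)."""
    links = trust_links(domains, forest_root)
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for link in links:
            if path[-1] in link:
                (nxt,) = link - {path[-1]}
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(path + [nxt])
    return None

if __name__ == "__main__":
    print(trees(DOMAINS))
    print(" -> ".join(trust_path("mirpur.dhaka.bibm.com", "lab.example.org")))
```

Because the trusts are transitive, every domain in the forest is reachable from every other one, which is why a forest-wide trust review has to consider all domains rather than only direct neighbours.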

OU, Groups & Users

Figure: A domain containing Organizational Unit 1 and Organizational Unit 2.

Organizational Unit: A container object that you use to organize objects (user accounts, groups, computers, printers and other OUs) within a domain.

Figure: Diagram labelled Group, User and Organizational Unit.