Navigation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In this chapter, we address several issues:
- The fundamentals of Active Directory
- Managing Active Directory
- Security and Active Directory
- Migrating to Active Directory
Active Directory is a directory service. The term directory service refers to two things — a directory where information about users and resources is stored and a service or services that let you access and manipulate those resources. Active Directory is a way to manage all elements of your network, including computers, groups, users, domains, security policies, and any type of user-defined objects. It melds several NT services and tools that have functioned separately so far — User Manager for Domains, Server Manager, Domain Name Server — and provides additional functions beyond these services and tools.
Active Directory is built around Domain Name System (DNS) and lightweight directory access protocol (LDAP) — DNS because it is the standard on the Internet and is familiar, LDAP because most vendors support it. Active Directory clients use DNS and LDAP to locate and access any type of resource on the network. Because these are platform-independent protocols, Unix, Macintosh, and other clients can access resources in the same fashion as Windows clients.
The Microsoft Management Console (MMC) is used to implement and manage Active Directory. The goals of Active Directory are the same as those we identified in the discussion of domain models The two most important are
- Users should be able to access resources throughout the domain using a single logon.
- Administrators should be able to centrally manage both users and resources.
Active Directory allows central control and decentralized administration of mixed NT 4.0 and 2000 Server domains. Clients can be 2000 Server workstations and servers, Windows 95, Windows 98, or any other system that has the Active Directory add-on installed.
Because Active Directory is a Microsoft product, most of this discussion focuses on 2000 Server’s implementation of Active Directory. Where applicable, we include information about how Unix can integrate with Active Directory.
|
|
|
|
|
|
|
Today, there have been 10 visitors (10 hits) on this page! |
|
|
|
|
|
|
|