
Tuesday, May 1, 2012

MCSA Managing a Windows 2000 Network Environment Active Directory Structure

By Neil Quinn


This chapter covers the physical and logical structure of Active Directory deployment scenarios, along with a basic understanding of how each level of grouping is used in the centralized administration of widely distributed resources.

Terms you'll need to understand:

Active Directory

Domain controller

Trust

Organizational unit

Global catalog

FSMO roles

Domain

Tree

Forest

Site

Bridgehead server

Methodologies you'll need to master:

Describing the purpose of the Windows 2000 Active Directory global catalog

Identifying the FSMO roles and their basic purposes

Identifying the different types of trusts, including one-way and two-way trusts as well as transitive and nontransitive trusts

Identifying the levels of administrative grouping, including organizational units, domains, trees, and forests

Windows 2000 utilizes a decentralized database in which all security principals, such as users, computers, and printers, are registered in order to provide centralized access to and management of resources within a distributed network environment. This database is known as the Active Directory.


Active Directory Structure Overview

Users of Windows NT and earlier operating systems might be familiar with the idea of a peer-to-peer network of PCs, commonly referred to as a workgroup. In a workgroup, each PC maintains its own list of users and the access to local resources granted to each. None of the systems in this configuration provides administration over the whole; all act as equals (peers). Although this can work for as many as 5 or 10 computers, the issues of administration, configuration, and deployment of systems in larger configurations mandate some type of centralized administration and coordination.

Domain Controllers

In Windows NT, the idea of the domain was introduced. A domain is a grouping of resources, including computers, printers, groups, and users, that are maintained in a centralized database of resources located on a supervisory machine called a domain controller (DC). In Windows NT, all updates to this database occurred on one domain controller designated as the primary domain controller (PDC), with all the other domain controllers designated as backup domain controllers (BDCs). The backup domain controllers receive updates to their local copy of the database from the primary domain controller on a regular schedule.

To provide support for larger-scale deployments in which the security principals (such as users) in one domain could be granted access to resources located in another domain, multiple domains can be joined via a connection called a trust. Trusts are covered in greater detail later in this chapter in the section titled "Trusts."

The limitation of the NT domain system was that all updates to the database had to occur on the primary domain controller, and only then would be propagated out to all backup domain controllers on the next scheduled update cycle. This can cause significant delays before changes are propagated to all remote backup domain controllers, and may prevent changes outright if a network connection to the primary domain controller is not available. In addition, the process can be rather bandwidth-intensive if a full-domain synchronization of domain controllers is enacted, as the primary domain controller must update the local copy of the domain database on all backup domain controllers throughout the domain. This can prove to be a very serious bottleneck when a deployment is distributed over a sizeable number of servers or a broad geographic area.
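The single-master behaviour described above can be seen in a small simulation. This is an added example, not code from the chapter, and it is a simplified model rather than NT's actual replication protocol: the `PDC` and `BDC` classes, the account names, and the record counts are all constructed for illustration.

```python
class PDC:
    """Single writable copy of the domain database (simplified model)."""
    def __init__(self):
        self.db = {}           # account name -> attributes
        self.log = []          # ordered change log: (serial, name, attrs)
        self.reachable = True  # models the network link to the PDC

    def write(self, name, attrs):
        if not self.reachable:
            return False       # no link to the PDC means no change at all
        self.db[name] = attrs
        self.log.append((len(self.log) + 1, name, attrs))
        return True

class BDC:
    """Read-only replica, refreshed only when its update cycle runs."""
    def __init__(self, pdc):
        self.pdc, self.db, self.serial = pdc, {}, 0

    def write(self, name, attrs):
        return self.pdc.write(name, attrs)  # a BDC only forwards changes

    def sync(self, full=False):
        """Pull from the PDC; returns the number of records transferred."""
        if not self.pdc.reachable:
            return 0
        if full:  # full synchronization re-sends the whole database
            self.db, sent = dict(self.pdc.db), len(self.pdc.db)
        else:     # normal cycle sends only changes since the last pull
            pending = [c for c in self.pdc.log if c[0] > self.serial]
            self.db.update((n, a) for _, n, a in pending)
            sent = len(pending)
        self.serial = len(self.pdc.log)
        return sent

def demo():
    pdc = PDC()
    bdcs = [BDC(pdc) for _ in range(3)]
    for i in range(100):                          # constructed accounts
        pdc.write(f"user{i}", {"enabled": True})
    for b in bdcs:
        b.sync()
    bdcs[0].write("user7", {"enabled": False})    # account disabled via a BDC
    stale = [b.db["user7"]["enabled"] for b in bdcs]  # before the next cycle
    partial = sum(b.sync() for b in bdcs)         # records sent, normal cycle
    full = sum(b.sync(full=True) for b in bdcs)   # records sent, full sync
    pdc.reachable = False
    accepted = bdcs[1].write("user8", {"enabled": False})
    return stale, partial, full, accepted
```

In this model a disabled account still reads as enabled on every BDC until the next cycle, a full synchronization transfers every record to every BDC, and no change is accepted once the PDC is unreachable.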



