SAM101 - Week 11, 12 & 13

It refer to resources like:

• Users

• Computers

• Printers

In a network environment, especially in Windows-based systems: _______ refer to resources while _________ are collections of objects

These are collections of objects used to:

• Simplify permissions

• Manage access control efficiently

Objects refer to resources like: (3)

Groups are collections of objects used to: (2)

These are structures used in directory services like Active Directory (3)

A collection of objects (users, computers) sharing a common database

A group of domains sharing a namespace

A collection of trees (largest structure)

• It is used to resolve NetBIOS names into IP addresses.

• Works like DNS but for older Windows systems

• Uses LMHOSTS file if WINS server is unavailable

• It automatically assigns IP addresses to devices on a network.

• Eliminates manual IP configuration

• Provides:

  • IP address

  • Subnet mask

  • Gateway

  • DNS

• Maps hostnames to IP addresses

• Used for DNS resolution locally

• Located in:C:\Windows\System32\drivers\etc\hosts

• Used for NetBIOS name resolution

• Works with older Windows networking

• Example: 192.168.1.10 LAB-PC-01 #PRE

• Allows the system to recognize LAB-PC-01 without WINS

It resolves domain names locally

It resolves NetBIOS names

It centralized NetBIOS name resolution

Automatic IP configuration

Organize and manage network resources

It stores, organizes, and provides access to information in a directory. _______ are used for locating, managing, administering, and organizing common items and network resources, such as volumes, folders, files, printers, users, groups, devices, telephone numbers, and other objects.

It is a technology created by Microsoft that provides a variety of network services, including the following:

• LDAP

• Kerberos-based and single sign-on authentication

• DNS-based naming and other network information

• A central location for network administration and delegation of authority

It is an application protocol for querying and modifying data using directory services running over TCP/IP. Within the directory, the sets of objects are organized in a logical hierarchical manner so that you can easily find and manage them.

It is a computer network authentication protocol, which allows hosts to prove their identity over a nonsecure network in a secure manner. It can also provide mutual authentication so that both the user and server verify each other’s identity.

It allows you to log on once and access multiple related but independent software systems without having to log in again. As you log on with Windows using Active Directory, you are assigned a token, which can then be used to sign on to other systems automatically.

These are logical representations of your network organization, which allow you to organize them in the best way to manage them. To identify these, Active Directory is closely tied to DNS.

Without ________ records, Active Directory will not be able to function properly.

It is made of one or more domains (although most people think of a ______ as two or more domains) with contiguous name space.

It is made of one or more trees (although most people think of a _______ as two or more trees). It differs from a tree because it uses disjointed namespaces between the trees.

It is one or more IP subnets that are connected by a high-speed link, typically defined by a geographical location. For example, say you have a four-story office building. Although the building includes several subnets, all of the computers within the building use layer-2 and layer-3 switches to communicate with each other.

It is a Windows server that stores a replica of the account and security information for the domain and defines the domain boundaries. To make a computer running Windows Server 2008 a domain controller, you must install the Active Directory Domain Services and execute the dcpromo (short for dc promotion) command.

After you have promoted a computer to a domain controller, you can use several MMC snap-in consoles to manage Active Directory. These consoles are as follows (3)

Used to manage users, groups, computers, and organizational units.

Used to administer domain trusts, domain and forest functional levels, and user principal name (UPN) suffixes.

Used to administer replication of directory data among all sites in an Active Directory Domain Services

What is the best way to assign users to manage other users and computers in Active Directory?

To help organize objects within a domain and minimize the number of domains you require, you can use ________, commonly known as ___. It can be used to hold users, groups, computers, and other organizational units.

An _____ is a distinct, named set of attributes or characteristics that represent a network resource. Common _______ used within Active Directory are computers, users, groups, and printers.

Active Directory objects are assigned a 128-bit unique number called a ________, sometimes referred to as a security identifier (SID), to uniquely identify an object.

A ________ enables a user to log on to a computer and domain. As a result, it can be used to prove the identity of a user, and this identity information can then be used to determine what the user can access and what kind of authorization he or she has.

It allows users to log on and access resources on the computer in which the account was created. It is stored in the Security Account Manager (SAM) database on the local computer.

It is stored on the domain controller and allows you to gain access to resources within the domain, assuming you have been granted permissions to access those objects.