Chapter 13 Installing Domain ControllersIntroducing Active DirectoryA directory service is a repository of information about the resources—hardware, software, and human—connected to a network. Users, computers, and applications throughout the network can access the repository for variouspurposes:oUser AuthenticationoStorage of Configuration dataoAccessing files and printers AD DS is a directory service that enables you to create organizational divisions called domains. A domain is a logical container of network components, hosted by at least one server designatedas a domain controller.Active Directory functionsAuthentication is the process of verifying a user’s identity by using:Passwords Smart cardsBiometrics (fingerprint, scan)Authorization is the process of granting the user access only to the resources he or she is permitted to use by using:ACLs and ACEsUnderstanding Active Directory ArchitectureActive Directory is a hierarchical directory service, based on the domain, which is scalable in both directions.You can subdivide a domain into organizational units and populate it with objects. You can also create multiple domains and group them into sites, trees, and forests.AD DS provides a highly flexible architecture that can accommodate the smallest and the largest organizations.Understanding Objects and AttributesAn AD DS domain is a hierarchical structure that takes the form of a tree, much like a file system.The domain consists of objects, each of which represents a logical or physical resource.Every object consists of attributes, which store information about the object.Different object types have different sets of attributes, depending on their functions.The directory schema defines the attributes for each object and the information that is required and optional.Classes of Objects
A container object can have other objects subordinate to it oDomain oOrganizational unitA leaf object cannot have subordinate objects:oUsers computeroGroupsoApplicationoNetwork resourcesoUnderstanding DomainsDomainsYou can create a hierarchy within a domain.You can create a hierarchy out of multiple domains.You begin the process of designing an Active Directory infrastructure by deciding what domains to create and you begin deploying AD DS by creating your fist domain.