
Alistair G. Lowe-Norris - Active Directory, Second Edition

Full text of the book Active Directory, Second Edition (year: 2003, publisher: O'Reilly Media, genre: Computer). The description of the work (preface) and an excerpt from the text follow.


Active Directory, Second Edition: summary, description and annotation


When Microsoft introduced Windows 2000, the most important change was the inclusion of Active Directory. Despite its many benefits, it continues to be a huge headache for network and system administrators to design, implement and support. The first edition of this book, O'Reilly's best-selling Windows 2000 Active Directory, eased their pain considerably. Now titled Active Directory, 2nd Edition, this book provides system and network administrators, IT professionals, technical project managers, and programmers with a clear, detailed look at Active Directory for both Windows 2000 and Windows Server 2003.

The upgraded Active Directory that ships with Windows Server 2003 has over 100 new and enhanced features, and once again O'Reilly has the answers to puzzling questions. While Microsoft's documentation serves as an important reference, Active Directory, 2nd Edition is a guide to help the curious (and weary) understand the big picture. In addition to the technical details for implementing Active Directory, several new and significantly enhanced chapters describe the numerous features that have been updated or added in Windows Server 2003, along with coverage of the new programmatic interfaces that are available to manage it. After reading the book you will be familiar with the Lightweight Directory Access Protocol (LDAP), multi-master replication, the Domain Name System (DNS), Group Policy, and the Active Directory Schema, among many other topics.

Authors Robbie Allen and Alistair G. Lowe-Norris are veterans with real-world experience. Robbie is a Senior Systems Architect in the Advanced Services Technology Group at Cisco Systems. He was instrumental in the deployment and automation of Active Directory, DNS and DHCP at Cisco, and is now working on network automation tools. Alistair is an enterprise program manager for Microsoft U.K. and previously worked for Leicester University as the project manager and technical lead of the Rapid Deployment Program for Windows 2000.

Active Directory, 2nd Edition will guide you through the maze of concepts, design issues and scripting options, enabling you to get the most out of your deployment.

1.1 Evolution of the Microsoft NOS

"NOS" is the term used to describe a networked environment in which various types of resources, such as user, group, and computer accounts, are stored in a central repository that is controlled and accessible to end users. Typically a NOS environment consists of one or more servers that provide NOS services, such as authentication and account manipulation, and multiple end users that access those services.

Microsoft's first integrated NOS environment became available in 1990 with the release of Windows NT 3.0, which combined many features of the LAN Manager protocols and the OS/2 operating system. The NT NOS slowly evolved over the next eight years until Active Directory was first released in beta in 1997.

Under Windows NT, the "domain" concept was introduced, providing a way to group resources based on administrative and security boundaries. NT domains are flat structures limited to about 40,000 objects (users, groups, and computers). For large organizations, this limitation imposed artificial boundaries on the design of the domain structure. Often, domains were geographically limited as well, because the replication of data between domain controllers (i.e., servers providing the NOS services to end users) performed poorly over high-latency or low-bandwidth links. Another significant problem with the NT NOS was delegation of administration, which typically tended to be an all-or-nothing matter at the domain level.

Microsoft was well aware of these limitations and needed to rearchitect its NOS model into something that would be much more scalable and flexible. For that reason, Microsoft looked to LDAP-based directory services as a possible solution.

1.1.1 Brief History of Directories

In generic terms, a directory service is a repository of network, application, or NOS information that is useful to multiple applications or users. Under this definition, the Windows NT NOS is a type of directory service. In fact, there are many different types of directories, including Internet white pages, email systems, and even the Domain Name System (DNS). While each of these systems has characteristics of a directory service, X.500 and the Lightweight Directory Access Protocol (LDAP) define the standards for how a true directory service is implemented and accessed.

In 1988, the International Telecommunication Union (ITU) and the International Organization for Standardization (ISO) teamed up to develop a series of standards around directory services, which has come to be known as X.500. While X.500 proved to be a good model for structuring a directory and provided a lot of functionality around advanced operations and security, it was difficult to implement clients that could use it. One reason is that X.500 is based on the OSI (Open Systems Interconnection) protocol stack instead of TCP/IP, which had become the standard for the Internet. The X.500 Directory Access Protocol (DAP) was very complex and implemented a lot of features most clients never needed. This prevented large-scale adoption. It is for this reason that a group headed by the University of Michigan started work on a "lightweight" X.500 access protocol that would make X.500 easier to use.

The first version of the Lightweight Directory Access Protocol (LDAP) was released in 1993 as RFC 1487, but due to the absence of many features provided by X.500, it never really took off. It wasn't until LDAPv2 was released in 1995 as RFC 1777 that LDAP started to gain popularity. Prior to LDAPv2, the primary use of LDAP was as a gateway between X.500 servers. Simplified clients would interface with the LDAP gateway, which would translate the requests and submit them to the X.500 server. The University of Michigan team thought that if LDAP could provide most of the functionality needed by most clients, they could remove the middleman (the gateway) and develop an LDAP-enabled directory server. This directory server could use many of the concepts from X.500, including the data model, but would leave out all the overhead imposed by the numerous features X.500 implemented. Thus the first LDAP directory server was released in late 1995 by the University of Michigan team, and it became the basis for many future directory servers.

In 1997, the last major update to the LDAP specification was described in RFC 2251. It provided several new features and made LDAP robust enough and extensible enough to be suitable for most vendors to implement. Since then, companies such as Netscape, Sun, Novell, and Microsoft have developed LDAP-based directory servers. Most recently, RFC 3377 was released, which summarizes all of the major LDAP RFCs.

1.2 Windows NT Versus Active Directory

Table 1-1 contains a comparison of features between Windows NT and Active Directory.

Table 1-1. A comparison between Windows NT and Active Directory

| Windows NT | Active Directory |
|---|---|
| Single-master replication is used, from the PDC master to the BDC subordinates. | Multimaster replication is used between all domain controllers. |
| Domain is the smallest unit of partitioning. | Naming Contexts and Application Partitions are the smallest unit of partitioning. |
| System policies can be used locally on machines or set at the domain level. | Group policies can be managed centrally and used by clients throughout the forest based on domain, site or OU criteria. |
| Data cannot be stored hierarchically within a domain. | Data can be stored in a hierarchical manner using OUs. |
| Domain is the smallest unit of security delegation and administration. | A property of an object is the smallest unit of security delegation/administration. |
| NetBIOS and WINS are used for name resolution. | DNS is used for name resolution. |
| Object is the smallest unit of replication. | Attribute is the smallest unit of replication. In Windows Server 2003 Active Directory, some attributes replicate on a per-value basis (such as the member attribute of group objects). |
| Maximum recommended database size for the SAM is 40 MB. | Recommended maximum database size for Active Directory is 70 TB. |
| Maximum effective number of users is 40,000 (if you accept the recommended 40 MB maximum). | The maximum number of objects is in the tens of millions. |
| Four domain models (single, single-master, multimaster, complete-trust) are required to solve per-domain admin-boundary and user-limit problems. | No domain models are required, as the complete-trust model is implemented. One-way trusts can be implemented manually. |
| Schema is not extensible. | Schema is fully extensible. |
| Data can only be accessed through a Microsoft API. | Supports LDAP, which is the standard protocol used by directories, applications, and clients that want to access directory data. Allows for cross-platform data access and management. |

First, Windows NT Primary Domain Controllers and Backup Domain Controllers have been replaced by Active Directory Domain Controllers. It is possible under Active Directory to promote member servers to Domain Controllers (DCs) and demote DCs to ordinary member servers, all without needing a reinstallation of the operating system; this is not the case under Windows NT. If you want to make a member server a DC, you can promote it using the dcpromo.exe wizard. dcpromo asks you a number of questions, such as whether you are creating the first domain in a domain tree or joining an existing tree, whether this new tree is part of an existing forest or a new forest to be created, and so on.
