Home Books Purchase Consultancy work The Seminars Contact Us Downloads


Specialists in infrastructure design for business critical systems

 

 

 
The AD Seminars
Active Directory - Maximizing Performance with 64-Bit Windows
Securing Active Directory Access | Active Directory Internals
Active Directory Disaster Recovery | Stretching Directory Boundaries
Additional Sessions
Active Directory® Internals
Windows® 2000 and Windows® Server 2003

One-Day Seminar (level-400)

Presented by
John Craddock

Demos by
Sally Storey



- Seminar Abstract
- Who should attend?
- Prerequisites
- Speaker Biography
- Content
Content

 		 
Introduction

Introduces the idea of publishing network services and resources into a directory. It will show how objects are used to provide information for locating, binding and configuring the resources. The concepts of AD access control and the reasons for creating the hierarchy and placing the published objects will be addressed.

 

Introduction
 

• Abstracting physical resources
 

• Naming contexts
 

• The Global Catalog
 

• Searching and ambiguous name resolution
 

• Programmatic access (ADSI & LDAP)
 

• RootDSE
 

• Global Catalog dependencies
 

• 2003 universal group membership caching
 

• Active Directory® versioning


Anatomy of An Object

An in-depth examination of objects, their attributes, and the schema. It will address the main attribute types including: OIDs, GUIDs, SIDs, display names, mandatory attributes, indexed attributes, linked attributes and much more.


 

Anatomy of an Object

 

• Key attributes

 

• Indexed attributes
 

• Linked attributes and cross-references

 

• Phantom records
 

• Infrastructure Master
 

• Multi-valued attributes
 

• Classes
 

• Extending the schema
 

• Attribute settings via Schema Manager
 

• LDP and ADSI Edit
 

• 2003 schema changes
 

• Bulk import and export (LDIF & CSVDE)


Data Storage

Provides details of the data storage architecture and how the DSA works in combination with the database layer and ESE. Details of database maintenance are covered including tombstones and garbage collection.


 

Data storage
 

• Object storage
 

• Database and log files
 

• Tombstones and garbage collection

 

• Creating the Active Directory®



Replication

Introduces AD replication and then drills-down into the object and attribute metadata.


 

Replication
 

• Multi-master replication
 

• Resolving conflicts
 

• 2003 linked-value replication

 

• DCPROMO replication

 

• 2003 install from media
 

• 2003 Active Directory® partitions

   
   
Active Directory® Object Security

Protection of objects through access control lists is essential; different access control permissions may be required as the object is created, located and maintained. This section examines access control for object access and delegated administration.


 

Gaining Access to Published Objects
 

• Explicit and inherited ACLs
 

• ACE ordering
 

• Non-canonical ACLs

 

• Default object ACLs
 

• OU access and inheritance
 

• Delegating administration
 

• 2003 changes

 

 

 

 

Advanced Administration

A number of administration tasks can only be performed by the domain or enterprise administrators. This section details how some of the tasks can be delegated through direct manipulation of ACLs on objects.


 

Advanced Administration
 

• Default access for security groups
 

• Delegating tasks
 

• Identifying affected objects

 

• Solving hard delegation problems
 

 

   
Top


Latest Books
Active Directory® Forestry

Investigating and Managing Objects and Attributes for Microsoft® Windows® 2000 and Microsoft® Windows® Server 2003 – A Geek’s Guide

This book peels back the covers on the Active Directory® and provides you with technical in-depth details of objects and attributes and how they interact.

ISBN 0-9544218-0-9

Table of Contents
More information
Purchase

© 2002- 2003 Kimberry Assocociates | Terms of Use, Privacy Statement, Disclaimer  | Trademarks