- Database NTDS.DIT on a DC
- based on X.500/LDAP
- uses Kerberos (ticket granting system)
- consistent sync across peer DCs
- extensible
- interoperates with other domains/forests
AD structure
- Domain
- Tree
- Forest
  - totality of your AD infrastructure (single or multiple namespace domains)
- Trust
  - manual trusts do not create a transitive trust
- Federation
  - automatically creates a transitive trust to all children
AD objects (most common)
- User
- Group
- Computer
- OU
  - place users, groups, and computers in OUs to organize them
- Sites, site links
  - control replication across slow links and allow AD convergence