Active Directory and its Components Domain Controllers An















- Slides: 15


Active Directory and its Components • Domain Controllers: An Active Directory domain provides a centralized identity store trusted by all domain members—all computers that have accounts in the domain. • A domain also provides a centralized authentication service. • The two most important elements of Domain Controllers are: 1. The Active Directory database (ntds. dit) and its supporting files contain the definition of objects and the configuration of objects. Examples of objects are Containers, Organizational Units, user accounts and computer accounts. 2. The Active Directory System Volume (SYSVOL) is an SMB-based network share, used to share files with Active Directory members

There are two different types of domain controllers: 1. Read/write Domain Controllers These Domain Controllers allow changes to their Active Directory databases and System Volumes from Active Directory members and can be used to bring changes to other Domain Controllers. 2. Read-only Domain Controllers are Domain Controllers that only allow read-access to their Active Directory databases and System Volumes. Objects: Each object within the Active Directory configuration is identified with a security identifier, the SID. The security identifier consists of two parts: The domain identification part and the relative identifier,

In the screenshot of Active Directory Users and Computers below, you can see the Organizational Units and Containers for an Active Directory domain based on Windows Server 2012 R 2 Domain Controllers:

Introducing Active Directory® Domain Services Install Active Directory Domain Services Lab: Install an AD DS Domain Controller to Create a Single Domain Forest



Domain Controller DC Click on “prompt this server to a DC ADD NEW FORSET

write the root domain name example ”etcg. com”



the installed services appears AD DS, DNS, DHCP


AD MANAGER • Active Directory Administrative Center – This is a new Microsoft Management Console (MMC) snap-in that allows you to accomplish many Active Directory tasks from one central location. This MMC snap-in allows you to manage your directory service objects including; – Reset user passwords – Create or manage user accounts – Create or manage groups – Create or manage computer accounts – Create or manage organizational units (OUs) and containers – Connect to one or several domains or domain controllers in the same instance of Active Directory Administrative Center

Active Directory Users and Computers MMC 15