ACTIVE DIRECTORY

1. Active Directory is a directory service. A directory service consists of a centralized, hierarchical database that contains information about network resources such as users, groups, computers, printers, scanners, etc.
2. The database file in Active Directory is known as the Active Directory database. [File name is NTDS.DIT]
{New Technology Directory Services, Directory Information Tree}.
3. To make a Windows server a Domain Controller, we install Active Directory.
The command used to install and uninstall Active Directory is DCPROMO.
After installing Active Directory, you can verify that the installation succeeded:
1. Verify the SRV records in DNS. In Win2000 there are 4 SRV records, but in Win2003 there are 6.
[2K] _msdcs, _tcp, _udp and _sites.
[2K3] Forest DNS Zone, Domain DNS Zone
2. Verify that SYSVOL has been properly created and shared
[My Computer > Local Disk > WINNT > System32].
This folder contains 4 folders: 1. Domain 2. Staging 3. Staging Area 4. Sysvol
3. Verify that the Active Directory database and log files are created
[My Computer > Local Drive > Winnt > NTDS].
4. Check the Event logs for any errors generated during the installation.
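
The four checks above can also be scripted on the new domain controller. The PowerShell below is an added example, not part of the original notes; it assumes a current Windows Server with the Resolve-DnsName and Get-SmbShare cmdlets, the placeholder domain name corp.example, and the default %SystemRoot%\NTDS location with the log file edb.log rather than the Win2000 paths listed above.

```powershell
# Added example: post-promotion checks, run locally on the domain controller.
# $Domain is a placeholder; replace it with your own AD DNS domain name.
$Domain  = 'corp.example'
$Results = [ordered]@{}

# 1. SRV records: the locator records clients query to find LDAP and Kerberos.
$srvNames = "_ldap._tcp.$Domain",
            "_kerberos._tcp.$Domain",
            "_ldap._tcp.dc._msdcs.$Domain"
$missing = foreach ($name in $srvNames) {
    $answer = Resolve-DnsName -Name $name -Type SRV -ErrorAction SilentlyContinue
    if (-not ($answer | Where-Object { $_.Type -eq 'SRV' })) { $name }
}
$Results['SRV records registered'] = -not $missing

# 2. SYSVOL (and the NETLOGON share that lives inside it) must be shared.
$shares = Get-SmbShare -Name 'SYSVOL', 'NETLOGON' -ErrorAction SilentlyContinue
$Results['SYSVOL and NETLOGON shared'] = (@($shares).Count -eq 2)

# 3. Database and log files (assumed default location: %SystemRoot%\NTDS).
$ntds = Join-Path $env:SystemRoot 'NTDS'
$Results['ntds.dit present'] = Test-Path (Join-Path $ntds 'ntds.dit')
$Results['edb.log present']  = Test-Path (Join-Path $ntds 'edb.log')

# 4. Critical (1) and Error (2) events in the Directory Service log, last 24 h.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Directory Service'
    Level     = 1, 2
    StartTime = (Get-Date).AddDays(-1)
} -ErrorAction SilentlyContinue
$Results['No Directory Service errors'] = (@($events).Count -eq 0)

# Report one line per check, then the detail behind any failure.
foreach ($check in $Results.GetEnumerator()) {
    $state = if ($check.Value) { 'OK' } else { 'CHECK' }
    '{0,-30} {1}' -f $check.Key, $state
}
if ($missing) { "Missing SRV records: $($missing -join ', ')" }
$events | Select-Object -First 5 TimeCreated, Id, Message | Format-List
```
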
After Active Directory is installed and a domain is established, the domain and Active Directory run in Mixed Mode.
The structure of Active Directory:
Logical Structure: Forest, Tree, Domain, OUs
Physical Structure: Sites and Domain Controllers.
Purpose of Active Directory:

1. To provide user logon and authentication services.
2. To enable administrators to organize and manage user accounts, groups and network resources.
3. To enable authorized users to easily locate network resources, regardless of where they are located on the network.

Active Directory Features:
1. Active Directory is scalable: we can create any number of domains in a forest, and they get a two-way transitive trust relationship by default.
2. Active Directory is flexible and extensible: we can extend the Schema.
3. Ease of administration by using Group Policy.
4. Ease of searching for objects because of the Global Catalog.
5. Active Directory Security: because AD resides in the Security Sub System in user mode as Kernel.
FSMO ROLES

Schema Master: The Schema Master controls updates and modifications to the Schema. To change the schema, the Schema Master must be online. There is only one Schema Master in the forest. The Schema can be modified by using an MMC tool.
Domain Naming Master: The Domain Naming Master controls the addition or removal of domains in a forest. It ensures that domain names are unique. When we create a new domain, the Domain Naming Master queries a global catalog server to confirm whether the name belongs to an existing domain or not.
PDC Emulator: It acts as a PDC for NT BDCs in mixed mode.
Preferential replication of passwords: whenever we change a password on a domain controller, that domain controller immediately forwards the password change to the PDC Emulator, because copying the password change to all domain controllers takes time; this is known as replication latency.
RID Master: The RID (Relative Identifier) Master is responsible for assigning unique IDs to the objects created in AD. Whenever we create a user, group or computer, the Windows security subsystem assigns a SID.
Infrastructure Master: The Infrastructure Master is the domain controller in the domain that updates group membership information when group members are renamed or moved.
If there is only one domain controller in the domain in the forest, then there is no functionality for the Infrastructure Master.
If the Infrastructure Master and the Global Catalog are on the same domain controller, the Infrastructure Master will not work, because the Infrastructure Master gets its updates from the GC.
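
To see which domain controllers hold the five roles described above, and to check the Infrastructure Master and Global Catalog placement rule as these notes state it, the following PowerShell can be used. It is an added example, not part of the original notes, and assumes the ActiveDirectory module (RSAT) and a session on a domain-joined machine.

```powershell
# Added example: list the FSMO role holders for the current forest and domain.
Import-Module ActiveDirectory

$forest = Get-ADForest    # holds the two forest-wide roles
$domain = Get-ADDomain    # holds the three domain-wide roles

$roles = [ordered]@{
    'Schema Master'         = $forest.SchemaMaster
    'Domain Naming Master'  = $forest.DomainNamingMaster
    'PDC Emulator'          = $domain.PDCEmulator
    'RID Master'            = $domain.RIDMaster
    'Infrastructure Master' = $domain.InfrastructureMaster
}
foreach ($role in $roles.GetEnumerator()) {
    '{0,-22} {1}' -f $role.Key, $role.Value
}

# Placement rule from the notes: with more than one domain controller in the
# domain, the Infrastructure Master should not also be a Global Catalog server.
$dcs = @(Get-ADDomainController -Filter *)
$infraHolder = $dcs | Where-Object { $_.HostName -eq $domain.InfrastructureMaster }

if ($dcs.Count -le 1) {
    'Single domain controller: the Infrastructure Master has nothing to do.'
}
elseif ($infraHolder.IsGlobalCatalog) {
    "WARNING: $($infraHolder.HostName) is both Infrastructure Master and Global Catalog."
}
else {
    "OK: $($infraHolder.HostName) holds the Infrastructure Master role and is not a Global Catalog."
}
```
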
DNS stands for Domain Name System.

The primary purpose of DNS is to provide host name resolution. It is the process of resolving a computer's user-friendly host name to the numerical IP address of that computer.
DNS domain names are also called Fully Qualified Domain Names. It can contain 63 characters.

After configuration of the DNS Server we can see two records.

Start of Authority Record: the first record in DNS, which controls the start-up behavior of DNS. We can configure TTL, refresh and retry intervals in this record.
Name Server Record
In the Start of Authority record we can see the Serial Number, Primary Server and Responsible Person.
In the Name Server record we can see the Server Name and IP Address.
ZONE: A zone is a storage database for either a DNS domain or for a DNS domain and one or more of its subdomains.
FORWARD LOOKUP ZONE:
A zone that contains host name to IP address mappings, and information about available services, for either a DNS domain or a DNS domain and one or more of its subdomains.
REVERSE LOOKUP ZONE:
A zone that contains IP address to host name mappings.
Zones are not created by default when the DNS Server service is installed; they are created and configured by the administrator.