Introduction to Windows Server Active Directory

Jul 11, 2024

Lecture: Introduction to Windows Server Active Directory

Overview

  • Focus on Active Directory (AD) Domain Services in Windows Server
  • Importance of understanding AD, despite the popularity of Azure AD
  • Aim to cover logical and physical aspects of AD

Presenter Information

  • Name: Andy Malone
  • Title: Microsoft MVP and certified trainer

What is Active Directory (AD)?

  • An identity platform introduced with Windows 2000
  • Comprises a database of objects (users, computers, groups)
  • Two perspectives: logical (structure) and physical (replication and backup)

Logical Structure

  • Organizational Units (OUs): Logical containers for organizing users, computers, and groups by location, department, etc.
  • Schema: Set of object types like users, groups, devices with attributes (e.g., first name, last name, email)
  • Attributes: Specific properties of objects (e.g., user’s name, email)

Physical Structure

  • AD Database: Stored in the NTDS.DIT file
    • Includes transaction logs and checkpoint files
    • Single Point of Failure: Mitigated by replication to multiple Domain Controllers (DCs)
  • Domain Controllers (DCs): Servers with a copy of the AD database
  • Replication:
    • Intra-Site: Within the same location, replicates frequently
    • Inter-Site: Between different locations, managed via IP or SMTP for slower links
    • Helps in disaster recovery, load balancing, and performance improvement

Creating Users and Groups

  • Steps to create users and assign properties
    • Example user: Jean-Luc Picard, username format: last name + initial (picard.j)
  • Groups: Logical grouping of users for managing permissions conveniently
    • Example group: Operations Managers
    • Adding users to groups simplifies resource permissions
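
The user and group steps above, scripted with the ActiveDirectory PowerShell module. This is an added example, not part of the lecture; the example.local domain, the OU path and the group's account name OperationsManagers are assumptions.

```powershell
#Requires -Modules ActiveDirectory
# Assumed values (not from the lecture): the example.local domain and the OU path.
$ouPath    = 'OU=Operations,DC=example,DC=local'
$upnSuffix = 'example.local'
$groupName = 'Operations Managers'   # group named in the lecture
$groupSam  = 'OperationsManagers'    # assumed account name for the group

function Get-SamName {
    # Lecture's username format: last name + "." + first initial -> picard.j
    param([string]$GivenName, [string]$Surname)
    $sam = ('{0}.{1}' -f $Surname, $GivenName.Substring(0, 1)).ToLower()
    if ($sam.Length -gt 20) { throw "sAMAccountName '$sam' exceeds 20 characters" }
    return $sam
}

$given = 'Jean-Luc'; $sur = 'Picard'
$sam   = Get-SamName -GivenName $given -Surname $sur

# Create the group once; resource permissions are then granted to the group,
# not to individual users.
if (-not (Get-ADGroup -Filter "Name -eq '$groupName'")) {
    New-ADGroup -Name $groupName -SamAccountName $groupSam `
        -GroupScope Global -GroupCategory Security -Path $ouPath
}

# Create the user only if the account name is free.
if (-not (Get-ADUser -Filter "SamAccountName -eq '$sam'")) {
    # Prompt for the initial password so it never appears in the script or history.
    $pw = Read-Host -AsSecureString -Prompt "Initial password for $sam"
    New-ADUser -Name "$given $sur" -GivenName $given -Surname $sur `
        -SamAccountName $sam -UserPrincipalName "$sam@$upnSuffix" `
        -Path $ouPath -AccountPassword $pw -Enabled $true `
        -ChangePasswordAtLogon $true
}

# Add the user to the group; adding an existing member raises an error, so check first.
$isMember = Get-ADGroupMember -Identity $groupSam |
    Where-Object SamAccountName -eq $sam
if (-not $isMember) {
    Add-ADGroupMember -Identity $groupSam -Members $sam
}

# Verify the resulting membership.
Get-ADGroupMember -Identity $groupSam | Select-Object Name, SamAccountName
```

Run it on a domain controller or a management host with RSAT installed, using an account delegated to create objects in the target OU.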

Demo: Managing Active Directory

  • Server Manager: Main portal for managing features and functions on Windows Server
    • Adding roles like AD Domain Services and configuring them
  • AD Tools: Managing users, computers, groups using tools like AD Users and Computers
  • Active Directory Administrative Center: Centrally manage AD settings and enable features like the AD Recycle Bin

Advanced Topics

  • Domains and Forests: Setting up additional domains, child domains, and trust relationships for larger organizations
  • Sites and Services: Managing replication and domain controllers across different sites
    • Importance of controlling replication to ensure efficient network use

Azure Active Directory (Azure AD)

  • Microsoft’s Identity-as-a-Service platform
  • Storing and managing the AD database in the cloud
    • Tenants: Logical containers akin to OUs in traditional AD
    • Provides user, group, and device management like traditional AD but in the cloud

Conclusion

  • Understanding Windows Server AD is crucial, especially for hybrid cloud environments
  • Key takeaways: efficient management of permissions, understanding replication, organizing logical structures within AD