Mastering Active Directory

Become a master at managing enterprise identity infrastructure by leveraging Active Directory

About This Book
- Manage your Active Directory services for Windows Server 2016 effectively
- Automate administrative tasks in Active Directory using PowerShell
- Manage your organization's network with ea...
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | Birmingham : Packt Publishing, 2017. |
Subjects: | |
Online access: | Full text |

Table of Contents:
- Cover
- Copyright
- Credits
- About the Author
- Acknowledgement
- About the Reviewers
- www.PacktPub.com
- Customer Feedback
- Table of Contents
- Preface
- Chapter 1: Active Directory Fundamentals
- Benefits of using Active Directory
- Centralized data repository
- Replication of data
- High availability
- Security
- Auditing capabilities
- Single sign-on
- Schema modification
- Querying and indexing
- Active Directory components
- Logical components
- Forests
- Domains
- Domain trees
- Organizational units
- Physical components
- Domain controllers
- Global catalog server
- Active Directory sites
- Active Directory objects
- Globally unique identifier and security identifier
- Distinguished names
- Active Directory server roles
- Active Directory Domain Service
- Read-only domain controllers
- Active Directory Federation Services
- Active Directory Lightweight Directory Services
- Active Directory Rights Management Services
- Active Directory Certification Services
- Summary
- Chapter 2: Active Directory Domain Services 2016
- AD DS 2016 features
- Deprecation of Windows Server 2003 domain and forest functional levels
- Deprecation of File Replication Services
- Privileged Access Management
- What is it to do with AD DS 2016?
- What is the logic behind PAM?
- Time-based group memberships
- Microsoft Passport
- Active Directory Federation Services improvements
- Time sync improvements
- Summary
- Chapter 3: Designing Active Directory Infrastructure
- What makes a good system?
- New business requirements
- Correcting legacy design mistakes
- Gathering business data
- Defining security boundaries
- Identifying the physical computer network structure
- Designing the forest structure
- Single forest
- Multiple forest
- Creating the forest structure
- Autonomy
- Isolation
- Selecting forest design models
- Organizational forest model
- Resource forest model
- Restricted access forest model
- Designing the domain structure
- Single domain model
- Regional domain model
- The number of domains
- Deciding domain names
- Forest root domain
- Deciding domain and forest functional levels
- Designing the OU structure
- Designing the physical topology of Active Directory
- Physical or virtual domain controllers
- Domain controller placement
- Global catalog server placement
- Summary
- Chapter 4: Active Directory Domain Name System
- What is DNS?
- Hierarchical naming structure
- How DNS works
- DNS essentials
- DNS records
- Start of authority record
- A and AAAA records
- NS records
- MX records
- Canonical name record
- PTR record
- SRV records
- Zones
- Primary zone
- Secondary zone
- Stub zone
- Reverse lookup zone
- DNS server operation modes
- Zone transfers
- DNS delegation
- Summary
- Chapter 5: Placing Operations Master Roles
- FSMO roles
- Schema operations master
- Domain naming operations master
- Primary domain controller emulator operations master
- Relative ID operations master role
- Infrastructure operations master
- FSMO roles placement
- Active Directory logical and physical topology
- Connectivity
- The number of domain controllers
- Capacity
- Moving FSMO roles
- Seize FSMO roles
- Summary
- Chapter 6: Migrating to Active Directory 2016
- Active Directory Domain Service installation prerequisites
- Hardware requirements
- Virtualized environment requirements
- Additional requirements
- Active Directory Domain Service installation methods
- Active Directory Domain Service deployment scenarios
- Setting up a new forest root domain
- Active Directory Domain Service installation checklist for first domain controller
- Design topology
- Installation steps
- Setting up an additional domain controller
- Active Directory Domain Service installation checklist for an additional domain controller
- Design topology
- Installation steps
- Setting up a new domain tree
- Active Directory Domain Service installation checklist for a new domain tree
- Design topology
- Installation steps
- Setting up a new child domain
- Active Directory Domain Service installation checklist for a new child domain
- Design topology
- Installation steps
- How to plan Active Directory migrations
- Migration life cycle
- Audit
- Active Directory logical and physical topology
- Active Directory health check
- System Center Operation Manager and Operation Management Suite
- Active Directory health checklist
- Application audit
- Plan
- Implementation
- Active Directory migration checklist
- Design topology
- Installation steps
- Verification
- Maintain
- Summary
- Chapter 7: Managing Active Directory Objects
- Tools and methods to manage objects
- Active Directory Administrative Center
- The Active Directory Users and Computers MMC
- Active Directory object administration with PowerShell
- Creating, modifying, and removing objects in Active Directory
- Creating Active Directory objects
- Creating user objects
- Creating computer objects
- Modifying Active Directory objects
- Removing Active Directory objects
- Finding objects in Active Directory
- Finding objects using PowerShell
- Summary
- Chapter 8: Managing Users, Groups, and Devices
- Object attributes
- Custom attributes
- User accounts
- Managed Service Accounts
- Group Managed Service Accounts
- Uninstalling Managed Service Account
- Groups
- Group scope
- Converting groups
- Setting up groups
- Devices and other objects
- Best practices
- Summary
- Chapter 9: Designing the OU Structure
- OUs in operations
- Organizing objects
- Delegating control
- Group policies
- Containers versus OUs
- OU design models
- The container model
- The object type model
- The geographical model
- The department model
- Managing the OU structure
- Delegating control
- Summary
- Chapter 10: Managing Group Policies
- Benefits of group policies
- Maintaining standards
- Automating administration tasks
- Preventing users from changing system settings
- Flexible targeting
- No modifications to target
- Group Policy capabilities
- Group Policy objects
- Group Policy container
- The Group Policy template
- Group Policy processing
- Group Policy inheritance
- Group Policy conflicts
- Group Policy mapping and status
- Administrative templates
- Group Policy filtering
- Security filtering
- WMI filtering
- Group Policy preferences
- Item-level targeting
- Loopback processing
- Group Policy best practices
- Summary
- Chapter 11: Active Directory Services
- The AD LDS overview
- Where to use LDS?
- Application developments
- Hosted applications
- Distributed data stores for Active Directory integrated applications
- Migrating from other directory services
- The LDS installation
- The Active Directory replication
- FRS versus DFSR
- Prepared state
- Redirected state
- Eliminated state
- Active Directory sites and replication
- Replication
- Authentication
- Service locations
- Sites
- Subnets
- Site links
- Site link bridges
- Managing Active Directory sites and other components
- Managing sites
- Managing site links
- The site cost
- Inter-site transport protocols
- Replication intervals
- Replication schedules
- Site link bridge
- Bridgehead servers
- Managing subnets
- How does replication work?
- Intra-site replications
- Inter-site replications
- Knowledge Consistency Checker
- How update occurs?
- The update sequence number
- Directory Service Agent GUID and invocation ID
- The high watermark vector table
- The up-to-dateness vector table
- The read-only domain controllers
- Active Directory database maintenance
- The ntds.dit file
- The edb.log file
- The edb.chk file
- The temp.edb file
- Offline defragmentation
- Active Directory backup and recovery
- Preventing accidental deletion of objects
- Active Directory Recycle Bin
- Active Directory snapshots
- Active Directory system state backup
- Active Directory recovery from system state backup
- Summary
- Chapter 12: Active Directory Certificate Services
- PKI in action
- Symmetric keys versus asymmetric keys
- Digital encryption
- Digital signatures
- Signing, encryption, and decryption
- Secure Sockets Layer certificates
- Types of certification authorities
- How do certificates work with digital signatures and encryption?
- What can we do with certificates?
- Active Directory Certificate Service components
- The certification authority
- Certificate Enrollment Web Service
- Certificate Enrollment Policy Web Service
- Certification Authority Web Enrollment
- Network Device Enrollment Service
- Online Responder
- The types of CA
- Planning PKI
- Internal or public CAs
- Identifying the object types
- Cryptographic provider
- The cryptography key length
- Hash algorithms
- The certificate validity period
- The CA hierarchy
- High availability
- Deciding certificate templates
- The CA boundary
- PKI deployment models
- The single-tier model
- The two-tier model
- Three-tier models
- Setting up PKI
- Setting up a stand-alone root CA
- DSConfigDN
- CDP locations
- AIA locations
- CA time limits
- CRL time limits
- The new CRL
- Publishing the root CA data into the Active Directory
- Setting up the issuing CA