kojigabriel's version from 2017-10-30 11:20



Question Answer
Organization of all units (component logical structure)are container objects, are used to arrange other objects that support admin purposes and used to delegat authority (group, indiv)
First domain in forest is calledroot domain. forest is synomomous with active directory
Information in active directory is only shared withthe forest and is a security boundary for information that is contained in active directory. highest point in active directory, shares single databased and global address list with security boundary. a user in one forest cannot access another forest
Site objects in a forest are sites, as in leaf and container objects. site container is top object in hierarchy used to managed and implement active directory replication.
Active directory domain serviceis a server role in active directory, which allows admins to manage and store information about resources from network, and app data in distributed database
Active directory domain service handlesnetwork elements (computers and users to reorder them into customized hierarchy)
Active directory domain service handles (terms) admin center, domain and trusts, powershell module (scripting and automation of systems and admin tasks), sites and services, server for netowrk information system, which is a smaller version of DNS
Within forest are domain containers
And within domains are organizational units
First called active directory now active directory domain services
Admins can use domain and forest containers to create authorization for sharing resources in network, information and service center available to users and apps, organizing objects in network (users, computers, resources and app data from apps) in hierarchy
is non-physical hierarchy presented from informtion (for users) in active directory, including domain controller, benefits are: increased security (isolating resources and delegating resources), network mgmt (simplifies configuration, admin of network and managing users and all network resources, resource sharing (across organization from domain and forests), reduced admin costs (reduced load on network and mgmt from active directory)
Logical structure centralizesmgmt of multiple domains and forests
Efficient logical structure from active directory facilitates group policy, desktop lockdowns and integration of services (public key, clustered file system, which can share files on multiple servers, such as DFS like a local file)
Global catalog is repositoryof info in domain tree or forest
Global catalog containsreplica of attributes of object in active directory
Default first domain controller isglobal catalog server
Global catalog determines theDNS of each forest



Question Answer
Domain isas a logical group of network objects (computers, users, devices) that share the same Active Directory database.
Tree is acollection of one or more domains and domain trees in a contiguous namespace, linked in a transitive trust hierarchy.
Forest is atop level structure of Active Directory, collection of trees, which contain domains that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible.
What is Active Directory?is a database that stores/manages information about forest resources and app specific info from directly enabled apps
Active Directory enables admins toorganize projects of network (users, computers and devices) into hierarchy of containers called logical structure. each active directory domain holds users, and is organized by organizational units. smallest unit possible which an admi can assign group policy or account permissions. all OUs in an active directory must be unique and cant contain objects from other domains
What is a Domain Controller?decides information partitions, network configuration of information and security with active directory tools
What is an OU?An organizational unit (OU) is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units.
When you join your workstation to the domain - explain what it means?It means establishing an environment where users can be created, resources and user features can be distributed to
Windows Server 2012 predefined groups?are sets of user profiles in a network with pre-defined abilities, such as administrators, guests, users
How groups can be used to simplify user administration?groups can simplify the need to individually implement security, windows features and administrative roles
Explain what are sharing permissions and security (NTFS) permissions?sharing permissions are the ability to share folders or files from the domain controller with multiple users, NTFS permissions pertains to what the user can do with that folder, such as Modify, Read, Write or Full Control
Explain what are group policies?they can be security permissions assigned to users within a group, or what the user is able to edit or access on a computer (such as windows registry files)
Why is DNS important?Domain Name System gives us the ability to access a network using a name, rather than inputting the IP address
What are DNS zones?is a portion within the Domain Name Service which are located below the DNS root, delegated into portions for security or administrative reasons
What are DNS name server lookup queries and how/why they happens?it is a query of obtaining the IP address for the Domain Name System
How DNS caching works?is a temporary database kept in a computer that contains records of visits to websites and or other domains, when a dns request is initially sent, the query has to obtain the IP address in order for access to be established, with the cache the process is sped up with IP addresses stored in the cache
Explain what are virtual directories?can allow users to access a directory on the server computer, which appears to be a directory on the internet
Give examples how virtual directories can be used.they can be used to create a server - client relationship in order to provide service for an application or directory
How to host multiple Web Sites on a single server?1. add a website, or physical HTML site to IIS 2. Edit the Web site binding and add a host header name, or create a new binding with a host header name. 3.
How can you prevent or restrict access to the (IIS) site(s)?1. Add Role or Feature via Windows Server Manager: Web Server (IIS) --> Web Server --> Security --> URL Authorization. 2. Refresh IIS Manager (if you have it open), now you will see (under the IIS Section for your site) Authorization Rules. Open this up. 3. Click on the right side panel: Add Allow Rule 4. Under Specified roles or user groups type the name of the AD group you need. eg. myDomain\myGroup and select OK.
How is alias usedis used to assign names to network paths instead of having to use full IP address
How does forwarder works?it forwards DNS requests to IP addresses in a list of priority, from top to bottom. if the first IP doesn't respond, the server will forward the request to the next IP until there is a response which is then sent back to the client