Chapter 11: Directory Services
Directory Services
• A directory service is a database that contains information
about all objects on the network.
• Directory services contain data and metadata.
• Metadata is information about data.
For example: A user account is data. Metadata specifies
what information is included in every user account object.
Directory Services
• Information within directories is organized hierarchically.
This means that there is a strict set of rules as to where
certain data is located within the directory based on the
properties of that data.
• Unlike relational (SQL) databases, where information is read and
written often, information in a directory service is read often but
rarely written.
For example: User account data changes very little once it
has been entered.
Early Directory Services
• The first directory service was developed at PARC and was
called Grapevine.
• X.500 was developed as a directory service standard by the
ISO and CCITT.
• Although X.500 was developed as a comprehensive standard,
as with the OSI model, it was not widely deployed on real-
world LANs.
• X.500 formed the basis of LDAP, a standard that is widely
deployed.
• Some X.500 conventions are used in Active Directory and
eDirectory.
LDAP
Stands for Lightweight Directory Access Protocol.
• LDAP is a scaled-down implementation of the X.500 standard.
• Active Directory and eDirectory are based on LDAP.
• Netscape’s Directory Server was the first wide implementation of
LDAP. It was used primarily for enterprise calendaring and contact
management. Netscape’s product was not used for network
management.
• Most LDAP directories use a single master method of replication.
Changes are made to the master databases and then propagated out
to subordinate databases. The disadvantage of this scheme is that it
has a single point of failure.
• Objects within an LDAP directory are referenced using the object’s
DN (Distinguished Name). The DN consists of the RDN (Relative
Distinguished Name) appended with the names of ancestor entries.
LDAP II
RDN of the user object in the figure is cn=ccarpenter.
DN of the user object in the figure is
cn=ccarpenter,ou=mn,o=emcp,c=us.
Novell eDirectory
• eDirectory is a partitioned and loosely replicated directory
service.
• eDirectory can be used to manage multiple operating systems.
• The two primary components of eDirectory are database
partitions and database replicas.
• Partitions are sectioned off according to location. The partition is
hosted on a server local to that location. The primary benefit of
this is that authentication is localized.
Novell eDirectory
Database replicas are copies of partitions. There are several
different types of replicas.
Master replica: First copy of partition.
Read-write replica: Can be used to authenticate and make changes
to objects. Used for redundancy purposes.
Read-only replica: Can be used to locate information, but not to
change objects.
Subordinate reference: Special replica automatically created.
Used as a pointer to a target replica.
eDirectory
Object               Description
country              two-letter country code
locality             city or state
organization         top-level container in tree
organizational unit  container object, used to represent department
root                 top level of tree
Container objects are used to organize other objects within the
directory.
For example: You might place all of the accountant user objects
within the accountants organizational unit.
In eDirectory, a DN finishes at the organizational level. Objects are
separated by periods. An accountant at EMCP with a user account
named dmorgan would have the DN
.cn=dmorgan.ou=accountants.o=emcp.
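Added example (not from the original slides): Python that splits a DN into its RDN and ancestor entries, converts the eDirectory dotted form to the comma form, and checks containment on parsed components rather than raw text, because a value may hold an escaped separator. Function names are illustrative, the DN with an escaped comma is constructed, and eDirectory is assumed to escape a literal period as \.

```python
# Added example, not from the slides. Function names are illustrative.

def split_dn(dn, sep=","):
    """Split a DN on unescaped separators into (attribute, value) pairs, leaf first.

    Multi-valued RDNs joined with "+" are left as a single component.
    """
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # keep the escaped character inside the value
            i += 2
        elif dn[i] == sep:
            parts.append("".join(cur))   # an unescaped separator ends this RDN
            cur = []
            i += 1
        else:
            cur.append(dn[i])
            i += 1
    parts.append("".join(cur))
    pairs = []
    for part in parts:
        attr, eq, value = part.strip().partition("=")
        if not (attr and eq and value):
            raise ValueError(f"malformed RDN: {part!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs


def rdn(dn):
    """Relative Distinguished Name: the leftmost component."""
    attr, value = split_dn(dn)[0]
    return f"{attr}={value}"


def parent(dn):
    """DN of the containing entry: the names of the ancestor entries."""
    return ",".join(f"{a}={v}" for a, v in split_dn(dn)[1:])


def edir_to_ldap(name):
    """Convert eDirectory dotted notation (.cn=x.ou=y.o=z) to comma form."""
    out = []
    for attr, value in split_dn(name.lstrip("."), sep="."):
        # Assumption: "\." is an escaped period; a bare comma must be escaped in comma form.
        value = value.replace("\\.", ".").replace(",", "\\,")
        out.append(f"{attr}={value}")
    return ",".join(out)


def is_under(dn, base):
    """True if dn sits below base, comparing parsed components, not raw text."""
    d = [(a, v.lower()) for a, v in split_dn(dn)]
    b = [(a, v.lower()) for a, v in split_dn(base)]
    return len(d) > len(b) and d[-len(b):] == b


if __name__ == "__main__":
    slide_dn = "cn=ccarpenter,ou=mn,o=emcp,c=us"
    print(rdn(slide_dn), "|", parent(slide_dn))
    print(edir_to_ldap(".cn=dmorgan.ou=accountants.o=emcp"))
    # Constructed DN: the escaped comma makes "ou=mn" part of the cn value,
    # so a raw-text suffix test and the parsed test disagree.
    tricky = r"cn=temp\,ou=mn,o=emcp,c=us"
    print(tricky.endswith(",ou=mn,o=emcp,c=us"), is_under(tricky, "ou=mn,o=emcp,c=us"))
```

Any access or delegation decision that depends on where an object sits in the tree should use the parsed comparison.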
Active Directory
• Active Directory is an implementation of LDAP that uses
multimaster replication.
• Active Directory runs on Windows Server 2003 and Windows
2000 Server on special computers known as domain controllers.
• Active Directory can be used to manage almost every aspect of a
Windows Server 2003 network.
• Active Directory can also be used as a type of phonebook.
For example, you could query Active Directory to locate all users
located on the 2nd floor of a building. Alternatively, you could
locate all color printers at a particular location.
• Any domain controller can process directory updates.
• Replication uses the RPC protocol for servers on the same LAN
and the SMTP protocol for servers located across WAN links.
Active Directory Components
Domain. All user accounts within a domain share a common
password policy. Different password policies require separate
domains.
Site. Used to represent a single physical location within Active
Directory.
Organizational Unit (OU). Can be used to represent organizational
hierarchy. An OU can contain other OUs.
Group Policy Object (GPO). Collection of policies that can be
applied to domains, sites, and OUs.
Forest. Collection of domains with common schema.
Tree. Collection of domains with common namespace.
GPO and Delegation
• Control of a particular OU can be delegated.
For example: You could allow a certain user to administer all of
the accountants' user accounts, without allowing them to
administer anyone else's account.
• GPOs can be applied to sites, domains, and OUs.
• GPOs can be used to install software or to configure user
environment settings.
For example: You could install Microsoft Word at a particular
location by creating a GPO that installs Word and applying it to
that location's site. Alternatively, if you applied that same GPO to
the domain, all users would have Word installed. If you applied that
GPO to an OU instead, only users within that OU would have Word
installed.
Active Directory Naming
• Active Directory naming is similar to LDAP and eDirectory,
though it has a slightly different format.
• A user named Orin Thomas located within the Engineers OU
in the melbourne.emcp.com domain of a Windows Server
2003 network would have the DN:
CN=Orin Thomas,OU=Engineers,DC=Melbourne,DC=EMCP,DC=COM
• DNs are often used in scripts that query information from the
Active Directory database.
• As an administrator you might write a script that queries the
database to determine which users have not logged on to the
network in the last six months.
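Added example (not from the original slides): one way to express the six-month query in Python over entries already returned by a directory search. It assumes the Active Directory attributes lastLogonTimestamp (100-nanosecond intervals since 1601-01-01 UTC) and userAccountControl, treats six months as 180 days, and allows 14 days for the default delay with which lastLogonTimestamp is updated; every entry and timestamp except the slide's DN is constructed.

```python
# Added example, not from the slides. Entries are constructed; in practice they
# would come from an LDAP search returning these three attributes.
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
ACCOUNTDISABLE = 0x0002            # userAccountControl bit: account is disabled
SYNC_SLACK = timedelta(days=14)    # lastLogonTimestamp can lag the real logon by this much


def filetime_to_dt(value):
    """Convert 100-ns intervals since 1601-01-01 UTC; 0 or None means never set."""
    if not value:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=int(value) // 10)


def dt_to_filetime(dt):
    """Inverse of filetime_to_dt, used here only to build the sample data."""
    return ((dt - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10


def stale_accounts(entries, now, max_age_days=180):
    """Return (dn, last_logon) for enabled accounts with no logon inside the window."""
    # Subtract the slack so an account is flagged only when even its latest
    # possible real logon falls outside the window.
    cutoff = now - timedelta(days=max_age_days) - SYNC_SLACK
    hits = []
    for e in entries:
        if int(e.get("userAccountControl", 0)) & ACCOUNTDISABLE:
            continue                       # already disabled, nothing left to act on
        last = filetime_to_dt(e.get("lastLogonTimestamp"))
        if last is None or last < cutoff:
            hits.append((e["distinguishedName"], last))
    # Never-logged-on accounts first, then oldest logon first.
    return sorted(hits, key=lambda h: (h[1] is not None, h[1] or now))


NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)   # constructed, fixed for repeatability
BASE = "OU=Engineers,DC=Melbourne,DC=EMCP,DC=COM"


def make_entry(cn, days_ago, uac=0x0200):         # 0x0200 = normal user account
    ts = None if days_ago is None else dt_to_filetime(NOW - timedelta(days=days_ago))
    return {"distinguishedName": f"CN={cn},{BASE}",
            "lastLogonTimestamp": ts, "userAccountControl": uac}


SAMPLE = [
    make_entry("Orin Thomas", 10),                 # DN from the slide, timestamp constructed
    make_entry("Example Stale", 300),
    make_entry("Example Borderline", 185),         # inside the 14-day slack, not flagged
    make_entry("Example Never", None),
    make_entry("Example Disabled", 400, uac=0x0202),
]

if __name__ == "__main__":
    for dn, last in stale_accounts(SAMPLE, NOW):
        print(dn, "never" if last is None else last.date())
```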
Summary
• A directory service is a database that contains information about
all objects on the network.
• LDAP is a scaled-down implementation of the X.500 standard.
• eDirectory is a partitioned and loosely replicated directory service.
• eDirectory partitions are sectioned off according to location.
• eDirectory database replicas are copies of partitions.
• Active Directory uses multimaster replication.
• Active Directory can be used to manage almost every aspect of a
Windows Server 2003 network and as a type of phonebook.
Discussion Questions
• What is the difference between an Active Directory site and
domain?
• What is the difference between an eDirectory partition and
replica?
• Discuss why you would apply one GPO to a domain and
another GPO to an OU.
• Which Directory Service can be used to manage multiple
operating systems?
• What weakness exists in the LDAP replication method?
Directory services by SAJID
