Sie sind auf Seite 1von 14

Active Directory

What Is Active Directory? Active Directory is a Directory Service which contains Information of All User Accounts and Shared Resources on a Network. Active Directory is a Centralized Hierarchical Directory Database

What Does Active Directory Do? Centralizes control of Network Resources Centralizes & Decentralizes resource management Stores objects securely in a logical structure Optimizes Network traffic PURPOSE OF ACTIVE DIRECTORY Provides User Logon and Authentication Services using Kerberos to organize and manage: - User Accounts -Computers - Groups - Network Resources FEATURES OF ACTIVE DIRECTORY Fully Integrated Security Easy Administration using Group Policy Flexible Structure of Active Directory 1. Logical Structure 2.Physical Structure 1. Logical Structure of Active Directory Domain TREE -Parent/Root - Child/Branch Forest 2. Physical Structure of Active Directory o Domain controllers o Site


Ip address Sub DNS

Requirement for install and configure Active directory:

- group of systems (pc's) - CD of windows 2003 server - name for the Domain system ( - Ram 256mb - Free space at least 2GB in HDD 1- start run type ( DCPROMO )

2- click Next 3- click Next

4- Select ( Domain Controller For New domain ) - click Next

5- select ( Domain in new forest ) - click Next

6- give your domain name eg: ( ) - click Next

7- in domain net Bois (mcse dont change name ) - click Next

8- Database - - click Next

9- folder location - click Next

10- Select install and configure the DNS - click next

11- select permissions compatible only with windows 2000 or 2003 - click Next

12- if you wont password give your password or not - click Next

13- in summary - click Next

14- Now the configure is start pleas wait

15 if the configuration need CD of windows 2003server insert the CD 16-after configuration completed - click finish

17- select restart Now

How can check the active directory install or not? 1. (Start program - administrative tool) A- active directory domain and trust B- active directory sites and service C- active directory user and computer D- domain controller security policy E- domain security policy

2-in command prompt there is two commands: - Start run type (CMD) ok 1- Type In c:\net accounts <enter > It show you in computer Role PRIMARY that mean it is existing

* Or else workgroup that mean it is not existing 2- start run type ( CMD ) c:\gettype < enter> It show you in computer Role domain controller that mean it is existing

* Or else workgroup

that mean it does not exist

How to join member server or client to a domain 1.Member server(2000 advance server,2003 server ,2008 server) : if a server operator system joint to domain called as Member Server( it is a server which can be host service (DNS ,DHCP,IIS, etc )) 2. Clients operator system: (vista,xp 7,XP pro, 2000 pro win 98 win me ) If the Clients operator system joint to domain is called client services which cannot be hosting in client joint member server or Clients operator system to domain : 1- in IP give the DNS IP of server domain controller ( To assigning IP Address)

2- right click in my computer select properties

3- select computer name

4- in computer name select Change 5- in member of select DOMAIN and give your domain name (

6- give the administrator of the domain and password

7- click ok

9- click yes