Active Directory Components
A range of Active Directory components are used to build a directory structure that meets the needs of your organization. There are two kinds of structure: logical and physical. Active Directory completely separates the logical structure from the physical structure.
Logical Structures
The logical structure represents your organization using domains, OUs, trees, and forests. Grouping resources logically allows you to easily find a resource by its name rather than by remembering its physical location. Because you group resources logically, Active Directory makes the network's physical structure transparent to users.
Domains
The core unit of logical structure in Active Directory is the domain, which can store millions of objects. The objects stored in a domain are those essential to the network: printers, documents, e-mail addresses, databases, users, distributed components, and other resources. All network objects exist within a domain, and each domain stores information only about the objects it contains. Active Directory is made up of one or more domains. A domain can span more than one physical location.
A domain is a security boundary. Access to domain objects is governed by access control lists (ACLs), which contain the permissions associated with the objects. Such permissions control which users can gain access to an object and what type of access they can gain. In the Windows Server 2003 family, objects include files, folders, shares, printers, and other Active Directory objects. None of the security policies and settings (such as administrative rights, security policies, and ACLs) can cross from one domain to another. You, as the domain administrator, have absolute rights to set policies only within your domain.
The domain functional level (known as domain mode in Windows 2000) provides a way to enable domain-wide Active Directory features within your network environment.
There are four domain functional levels:
- Windows 2000 mixed (default)
- Windows 2000 native
- Windows Server 2003 interim
- Windows Server 2003
The Windows 2000 mixed functional level allows a Windows Server 2003 domain controller to interact with domain controllers in the same domain running Windows NT 4, Windows 2000, or the Windows Server 2003 family.
The Windows 2000 native functional level allows a Windows Server 2003 domain controller to interact with domain controllers in the domain running Windows 2000 or Windows Server 2003.
The Windows Server 2003 interim functional level allows a Windows Server 2003 domain controller to interact with domain controllers in the domain running Windows NT 4 or Windows Server 2003.
The Windows Server 2003 functional level allows a Windows Server 2003 domain controller to interact only with domain controllers in the domain running Windows Server 2003.
We can raise the functional level of a domain only if the domain controllers in the domain are running the appropriate version of Windows.
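The compatibility rules above can be checked against a domain controller inventory before a raise is attempted, which also shows exactly which legacy controllers are holding the domain at a lower level. The following Python code is an added example, not part of the original page; the DC names and the inventory format (DC name mapped to OS family) are assumptions constructed for illustration.

```python
# Added example (not from the original page): encode the functional-level
# compatibility rules above and find which domain controllers block a raise.

# OS families a domain controller may run at each level, as listed in the text.
ALLOWED_DC_OS = {
    "Windows 2000 mixed": {"Windows NT 4", "Windows 2000", "Windows Server 2003"},
    "Windows 2000 native": {"Windows 2000", "Windows Server 2003"},
    "Windows Server 2003 interim": {"Windows NT 4", "Windows Server 2003"},
    "Windows Server 2003": {"Windows Server 2003"},
}


def blockers(target_level, inventory):
    """Return sorted names of DCs whose OS the target level does not allow.

    inventory maps DC name -> OS family. An OS string not listed for the
    level (including a misspelt or unknown one) counts as a blocker, so a
    bad inventory fails closed instead of approving the raise.
    """
    if target_level not in ALLOWED_DC_OS:
        raise ValueError(f"unknown functional level: {target_level!r}")
    allowed = ALLOWED_DC_OS[target_level]
    return sorted(dc for dc, os_family in inventory.items() if os_family not in allowed)


def permitted_levels(inventory):
    """Return every level the current DC inventory satisfies, in table order."""
    if not inventory:
        raise ValueError("inventory is empty; a domain has at least one DC")
    return [level for level in ALLOWED_DC_OS if not blockers(level, inventory)]


# Constructed sample inventory (hypothetical DC names, not real hosts).
SAMPLE_INVENTORY = {
    "DC01": "Windows Server 2003",
    "DC02": "Windows 2000",
    "DC03": "Windows NT 4",
}

if __name__ == "__main__":
    print("Permitted now:", permitted_levels(SAMPLE_INVENTORY))
    for level in ALLOWED_DC_OS:
        print(f"{level}: blocked by {blockers(level, SAMPLE_INVENTORY) or 'nothing'}")
```

Note that Windows 2000 native and Windows Server 2003 interim exclude different legacy systems, so a mixed inventory can be blocked from each by a different controller.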