SlideShare una empresa de Scribd logo

Windows 2000 Infrastructure Directions Summary

W
webhostingguy
1 de 39
Descargar para leer sin conexión
Windows 2000 Infrastructure Directions
ITSS Windows 2000 Goals ,[object Object],[object Object],[object Object],[object Object],[object Object]
Illustrating a Windows 2000 Domain Domain Controller Workstations Member Server Member Server Domain Controller win.stanford.edu
Understanding Active Directory ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Domain’s Namespace (Root) win.stanford.edu OU=DeptA users . . . OU=DeptB users . . . . . . OU=Accounts
A Domain’s Namespace (Local) OU=DeptB OU=users OU=DeptA CN=li CN=smith CN=myserver CN=dc1 OU=computers su.win.stanford.edu CN=catignani CN=ws3 CN=ws2 CN=ws1 OU=users OU=computers . . . . . .
Delegating Authority ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Domain Tree ,[object Object],win.stanford.edu law.win.stanford.edu gsb.win.stanford.edu
A Forest of Domains ,[object Object],win.stanford.edu law.win.stanford.edu spinoff.company.com gsb.win.stanford.edu
Characteristics of Trees and Forests (1) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Characteristics of Trees and Forests (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Migration: Domain to Domain Windows 2000 Domain Windows NT 4 Domain
Migration: Converting Domains to OUs Windows 2000 Domain Windows NT 4 Domain Windows NT 4 Domain
Migrating: Converting Domains to a Domain Tree Windows NT 4 Domains Windows 2000 Domains
Creating a Stanford Forest ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why Join The Stanford Forest? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
More Reasons to Join ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Joining The Stanford Forest ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
An Aside: Sites ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Group Policy and GPOs OU=DeptA win.stanford.edu users . . . GPO 2 GPO 1 Policy Setting A Policy Setting B Policy Setting C Policy Setting D Policy Setting E Policy Setting X Policy Setting Y Policy Setting Z OU=DeptB users . . .
Applying Group Policy (1) 1) Apply Computer Configuration policies at boot time Domain Controller Group Policy Object Workstations/ Member Servers Computer Configuration User Configuration 2) Apply User Configuration polices at login
Applying Group Policy (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Kinds of Policies (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Kinds of Policies (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Kinds of Policies (3) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Kinds of Policies (4) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Group Policies in the Stanford Forest (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Group Policies in the Stanford Forest (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Integration With the Stanford Registry ,[object Object],[object Object],win.stanford.edu Registry LDAP Database
Active Directory and Kerberos in Windows 2000 LDAP Active Directory Domain Controller Key Distribution Center (KDC) Kerberos protocol
Illustrating Kerberos Ticket Domain Controller KDC 4) Get ticket for specific service 5) Present ticket to prove identity 1) Request TGT at login 3) Request ticket for specific service TGT Ticket TGT 2) Prove identity, then get TGT
Kerberos in Windows 2000 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Windows 2000 Accounts in the Stanford Forest: Single Sign-On Accounts (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Windows 2000 Accounts in the Stanford Forest: Single Sign-On Accounts (2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Logging Into a Single Sign-On Account stanford.edu KDC Windows 2000 KDC 1) User enters sunetid@stanford.edu 2) Request Win2K TGT 3) Request stanford.edu Realm TGT 4) Return stanford.edu Realm TGT 5) Return Win2K TGT and stanford.edu Realm TGT
Windows 2000 Accounts in the Stanford Forest: Local Accounts (1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Windows 2000 Accounts in the Stanford Forest: Local Accounts (2) ,[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
For More Information ,[object Object],[object Object]

Recomendados

PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentationwebhostingguy
 
Windows server 2008 step by-step guide for dns in small networks
Windows server 2008 step by-step guide for dns in small networksWindows server 2008 step by-step guide for dns in small networks
Windows server 2008 step by-step guide for dns in small networksOchiroo Dorj
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsRaja Waseem Akhtar
 
DNS Presentation
DNS PresentationDNS Presentation
DNS PresentationShubham Srivastava
 
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...Tũi Wichets
 
Internet Domain Names
Internet Domain NamesInternet Domain Names
Internet Domain NamesRoss University School of Medicine
 
Ctive directory interview question and answers
Ctive directory interview question and answersCtive directory interview question and answers
Ctive directory interview question and answerssankar palla
 
DNS ( Domain Name System)
DNS ( Domain Name System)DNS ( Domain Name System)
DNS ( Domain Name System)Prakhar Rastogi
 

Recomendados

PowerPoint Presentation
PowerPoint PresentationPowerPoint Presentation
PowerPoint Presentationwebhostingguy
 
Windows server 2008 step by-step guide for dns in small networks
Windows server 2008 step by-step guide for dns in small networksWindows server 2008 step by-step guide for dns in small networks
Windows server 2008 step by-step guide for dns in small networksOchiroo Dorj
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsRaja Waseem Akhtar
 
DNS Presentation
DNS PresentationDNS Presentation
DNS PresentationShubham Srivastava
 
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...
Windows Server 2008 R2 Active Directory ADFS Claims Base Identity for Windows...Tũi Wichets
 
Internet Domain Names
Internet Domain NamesInternet Domain Names
Internet Domain NamesRoss University School of Medicine
 
Ctive directory interview question and answers
Ctive directory interview question and answersCtive directory interview question and answers
Ctive directory interview question and answerssankar palla
 
DNS ( Domain Name System)
DNS ( Domain Name System)DNS ( Domain Name System)
DNS ( Domain Name System)Prakhar Rastogi
 
Domain name system
Domain name systemDomain name system
Domain name systemVivek Gautam
 
Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)Sri Prasanna
 
Domain name system
Domain name systemDomain name system
Domain name systemfordcoppenz
 
Distributed Systems Naming
Distributed Systems NamingDistributed Systems Naming
Distributed Systems NamingAhmed Magdy Ezzeldin, MSc.
 
Domain name server
Domain name serverDomain name server
Domain name serverMobile88
 
Domain name system
Domain name systemDomain name system
Domain name systemNifras Ismail
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name systemwebhostingguy
 
What is dns
What is dnsWhat is dns
What is dnsSwapna Kalangan
 
Domain name server
Domain name serverDomain name server
Domain name serverIsuru Thilakarathne
 
Domain Name System(DNS) - Overview
Domain Name System(DNS) - OverviewDomain Name System(DNS) - Overview
Domain Name System(DNS) - OverviewGunjan Panara
 
Domain name service
Domain name serviceDomain name service
Domain name serviceishapadhy
 
Domain Name System(ppt)
Domain Name System(ppt)Domain Name System(ppt)
Domain Name System(ppt)chovatiyabhautik
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name SystemABDUL GAFOOR K V
 
Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003Raja Waseem Akhtar
 
Active Directory Ii
Active Directory IiActive Directory Ii
Active Directory Iideshvikas
 
Active directory ii
Active directory iiActive directory ii
Active directory iideshvikas
 
Activedirecotryfundamentals
ActivedirecotryfundamentalsActivedirecotryfundamentals
ActivedirecotryfundamentalsShekhar Singh
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003rafiq123
 
Active directory job_interview_preparation_guide
Active directory job_interview_preparation_guideActive directory job_interview_preparation_guide
Active directory job_interview_preparation_guideabdulkalamattari
 
5595567 Windows Interview Question Answers
5595567 Windows Interview Question Answers5595567 Windows Interview Question Answers
5595567 Windows Interview Question AnswersMonique Carr
 
Active directory installation windows 2003 1
Active directory installation windows 2003 1Active directory installation windows 2003 1
Active directory installation windows 2003 1tameemyousaf
 
Lecture 6
Lecture 6Lecture 6
Lecture 6webhostingguy
 

Más contenido relacionado

La actualidad más candente

Domain name system
Domain name systemDomain name system
Domain name systemVivek Gautam
 
Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)Sri Prasanna
 
Domain name system
Domain name systemDomain name system
Domain name systemfordcoppenz
 
Domain name server
Domain name serverDomain name server
Domain name serverMobile88
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name systemwebhostingguy
 
Domain Name System(DNS) - Overview
Domain Name System(DNS) - OverviewDomain Name System(DNS) - Overview
Domain Name System(DNS) - OverviewGunjan Panara
 
Domain name service
Domain name serviceDomain name service
Domain name serviceishapadhy
 

La actualidad más candente (13)

Domain name system
Domain name systemDomain name system
Domain name system
 
Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)Naming And Binding (Distributed computing)
Naming And Binding (Distributed computing)
 
Domain name system
Domain name systemDomain name system
Domain name system
 
Distributed Systems Naming
Distributed Systems NamingDistributed Systems Naming
Distributed Systems Naming
 
Domain name server
Domain name serverDomain name server
Domain name server
 
Domain name system
Domain name systemDomain name system
Domain name system
 
Presentation: the domain name system
Presentation: the domain name systemPresentation: the domain name system
Presentation: the domain name system
 
What is dns
What is dnsWhat is dns
What is dns
 
Domain name server
Domain name serverDomain name server
Domain name server
 
Domain Name System(DNS) - Overview
Domain Name System(DNS) - OverviewDomain Name System(DNS) - Overview
Domain Name System(DNS) - Overview
 
Domain name service
Domain name serviceDomain name service
Domain name service
 
Domain Name System(ppt)
Domain Name System(ppt)Domain Name System(ppt)
Domain Name System(ppt)
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name System
 

Similar a Windows 2000 Infrastructure Directions Summary

Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003Raja Waseem Akhtar
 
Active Directory Ii
Active Directory IiActive Directory Ii
Active Directory Iideshvikas
 
Active directory ii
Active directory iiActive directory ii
Active directory iideshvikas
 
Activedirecotryfundamentals
ActivedirecotryfundamentalsActivedirecotryfundamentals
ActivedirecotryfundamentalsShekhar Singh
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003rafiq123
 
Active directory job_interview_preparation_guide
Active directory job_interview_preparation_guideActive directory job_interview_preparation_guide
Active directory job_interview_preparation_guideabdulkalamattari
 
5595567 Windows Interview Question Answers
5595567 Windows Interview Question Answers5595567 Windows Interview Question Answers
5595567 Windows Interview Question AnswersMonique Carr
 
Active directory installation windows 2003 1
Active directory installation windows 2003 1Active directory installation windows 2003 1
Active directory installation windows 2003 1tameemyousaf
 
Chapter04 Implementing And Managing Group And Computer Accounts
Chapter04 Implementing And Managing Group And Computer AccountsChapter04 Implementing And Managing Group And Computer Accounts
Chapter04 Implementing And Managing Group And Computer AccountsRaja Waseem Akhtar
 
Introduction_of_ADDS
Introduction_of_ADDSIntroduction_of_ADDS
Introduction_of_ADDSHarsh Sethi
 
Ads Overview En
Ads Overview EnAds Overview En
Ads Overview Enraj240969
 
Ads Overview En
Ads Overview EnAds Overview En
Ads Overview Enraj240969
 
Windows Network concepts
Windows Network conceptsWindows Network concepts
Windows Network conceptsDuressa Teshome
 
Microsoft Active Directory.pptx
Microsoft Active Directory.pptxMicrosoft Active Directory.pptx
Microsoft Active Directory.pptxmasbulosoke
 

Similar a Windows 2000 Infrastructure Directions Summary (20)

Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003Chapter01 Introduction To Windows Server 2003
Chapter01 Introduction To Windows Server 2003
 
Active Directory Ii
Active Directory IiActive Directory Ii
Active Directory Ii
 
Active directory ii
Active directory iiActive directory ii
Active directory ii
 
Activedirecotryfundamentals
ActivedirecotryfundamentalsActivedirecotryfundamentals
Activedirecotryfundamentals
 
29041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-200329041329 interview-questions-for-server-2003
29041329 interview-questions-for-server-2003
 
Active directory job_interview_preparation_guide
Active directory job_interview_preparation_guideActive directory job_interview_preparation_guide
Active directory job_interview_preparation_guide
 
5595567 Windows Interview Question Answers
5595567 Windows Interview Question Answers5595567 Windows Interview Question Answers
5595567 Windows Interview Question Answers
 
Active directory installation windows 2003 1
Active directory installation windows 2003 1Active directory installation windows 2003 1
Active directory installation windows 2003 1
 
Lecture 6
Lecture 6Lecture 6
Lecture 6
 
Lecture 6
Lecture 6Lecture 6
Lecture 6
 
Active Directory
Active DirectoryActive Directory
Active Directory
 
Active Directory
Active DirectoryActive Directory
Active Directory
 
Chapter04 Implementing And Managing Group And Computer Accounts
Chapter04 Implementing And Managing Group And Computer AccountsChapter04 Implementing And Managing Group And Computer Accounts
Chapter04 Implementing And Managing Group And Computer Accounts
 
Introduction_of_ADDS
Introduction_of_ADDSIntroduction_of_ADDS
Introduction_of_ADDS
 
Ads Overview En
Ads Overview EnAds Overview En
Ads Overview En
 
Ads Overview En
Ads Overview EnAds Overview En
Ads Overview En
 
Windows Network concepts
Windows Network conceptsWindows Network concepts
Windows Network concepts
 
Final domain control policy
Final domain control policy Final domain control policy
Final domain control policy
 
Microsoft Active Directory.pptx
Microsoft Active Directory.pptxMicrosoft Active Directory.pptx
Microsoft Active Directory.pptx
 
70 640 Lesson02 Ppt 041009
70 640 Lesson02 Ppt 04100970 640 Lesson02 Ppt 041009
70 640 Lesson02 Ppt 041009
 

Más de webhostingguy

Running and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test FrameworkRunning and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test Frameworkwebhostingguy
 
MySQL and memcached Guide
MySQL and memcached GuideMySQL and memcached Guide
MySQL and memcached Guidewebhostingguy
 
Novell® iChain® 2.3
Novell® iChain® 2.3Novell® iChain® 2.3
Novell® iChain® 2.3webhostingguy
 
Load-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web serversLoad-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web serverswebhostingguy
 
SQL Server 2008 Consolidation
SQL Server 2008 ConsolidationSQL Server 2008 Consolidation
SQL Server 2008 Consolidationwebhostingguy
 
Master Service Agreement
Master Service AgreementMaster Service Agreement
Master Service Agreementwebhostingguy
 
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...webhostingguy
 
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...webhostingguy
 
Managing Diverse IT Infrastructure
Managing Diverse IT InfrastructureManaging Diverse IT Infrastructure
Managing Diverse IT Infrastructurewebhostingguy
 
Web design for business.ppt
Web design for business.pptWeb design for business.ppt
Web design for business.pptwebhostingguy
 
IT Power Management Strategy
IT Power Management Strategy IT Power Management Strategy
IT Power Management Strategy webhostingguy
 
Excel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for MerchandisersExcel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for Merchandiserswebhostingguy
 
Parallels Hosting Products
Parallels Hosting ProductsParallels Hosting Products
Parallels Hosting Productswebhostingguy
 
Microsoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 MbMicrosoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 Mbwebhostingguy
 

Más de webhostingguy (20)

File Upload
File UploadFile Upload
File Upload
 
Running and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test FrameworkRunning and Developing Tests with the Apache::Test Framework
Running and Developing Tests with the Apache::Test Framework
 
MySQL and memcached Guide
MySQL and memcached GuideMySQL and memcached Guide
MySQL and memcached Guide
 
Novell® iChain® 2.3
Novell® iChain® 2.3Novell® iChain® 2.3
Novell® iChain® 2.3
 
Load-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web serversLoad-balancing web servers Load-balancing web servers
Load-balancing web servers Load-balancing web servers
 
SQL Server 2008 Consolidation
SQL Server 2008 ConsolidationSQL Server 2008 Consolidation
SQL Server 2008 Consolidation
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
 
What is mod_perl?
What is mod_perl?What is mod_perl?
What is mod_perl?
 
Master Service Agreement
Master Service AgreementMaster Service Agreement
Master Service Agreement
 
Notes8
Notes8Notes8
Notes8
 
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...PHP and MySQL PHP Written as a set of CGI binaries in C in ...
PHP and MySQL PHP Written as a set of CGI binaries in C in ...
 
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...Dell Reference Architecture Guide Deploying Microsoft® SQL ...
Dell Reference Architecture Guide Deploying Microsoft® SQL ...
 
Managing Diverse IT Infrastructure
Managing Diverse IT InfrastructureManaging Diverse IT Infrastructure
Managing Diverse IT Infrastructure
 
Web design for business.ppt
Web design for business.pptWeb design for business.ppt
Web design for business.ppt
 
IT Power Management Strategy
IT Power Management Strategy IT Power Management Strategy
IT Power Management Strategy
 
Excel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for MerchandisersExcel and SQL Quick Tricks for Merchandisers
Excel and SQL Quick Tricks for Merchandisers
 
OLUG_xen.ppt
OLUG_xen.pptOLUG_xen.ppt
OLUG_xen.ppt
 
Parallels Hosting Products
Parallels Hosting ProductsParallels Hosting Products
Parallels Hosting Products
 
Microsoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 MbMicrosoft PowerPoint presentation 2.175 Mb
Microsoft PowerPoint presentation 2.175 Mb
 
Reseller's Guide
Reseller's GuideReseller's Guide
Reseller's Guide
 

Windows 2000 Infrastructure Directions Summary

  • 1. Windows 2000 Infrastructure Directions
  • 2.
  • 3. Illustrating a Windows 2000 Domain Domain Controller Workstations Member Server Member Server Domain Controller win.stanford.edu
  • 4.
  • 5. A Domain’s Namespace (Root) win.stanford.edu OU=DeptA users . . . OU=DeptB users . . . . . . OU=Accounts
  • 6. A Domain’s Namespace (Local) OU=DeptB OU=users OU=DeptA CN=li CN=smith CN=myserver CN=dc1 OU=computers su.win.stanford.edu CN=catignani CN=ws3 CN=ws2 CN=ws1 OU=users OU=computers . . . . . .
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. Migration: Domain to Domain Windows 2000 Domain Windows NT 4 Domain
  • 13. Migration: Converting Domains to OUs Windows 2000 Domain Windows NT 4 Domain Windows NT 4 Domain
  • 14. Migrating: Converting Domains to a Domain Tree Windows NT 4 Domains Windows 2000 Domains
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20. Group Policy and GPOs OU=DeptA win.stanford.edu users . . . GPO 2 GPO 1 Policy Setting A Policy Setting B Policy Setting C Policy Setting D Policy Setting E Policy Setting X Policy Setting Y Policy Setting Z OU=DeptB users . . .
  • 21. Applying Group Policy (1) 1) Apply Computer Configuration policies at boot time Domain Controller Group Policy Object Workstations/ Member Servers Computer Configuration User Configuration 2) Apply User Configuration polices at login
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30. Active Directory and Kerberos in Windows 2000 LDAP Active Directory Domain Controller Key Distribution Center (KDC) Kerberos protocol
  • 31. Illustrating Kerberos Ticket Domain Controller KDC 4) Get ticket for specific service 5) Present ticket to prove identity 1) Request TGT at login 3) Request ticket for specific service TGT Ticket TGT 2) Prove identity, then get TGT
  • 32.
  • 33.
  • 34.
  • 35. Logging Into a Single Sign-On Account stanford.edu KDC Windows 2000 KDC 1) User enters sunetid@stanford.edu 2) Request Win2K TGT 3) Request stanford.edu Realm TGT 4) Return stanford.edu Realm TGT 5) Return Win2K TGT and stanford.edu Realm TGT
  • 36.
  • 37.
  • 38.
  • 39.