The Active Directory is the service of catalogues included in system Server Windows 2000. It expands opportunities of catalogues existing before services on base Windows and adds completely new opportunities. The service of catalogues the Active Directory provides safety, distribution and an opportunity of splitting into sections. It is designed for installation in system of any size – from a single server with several hundreds objects up to system from thousand servers with millions objects. The service of catalogues gives the Active Directory many the new opportunities facilitating search and management of great volumes given and allowing to save time as to managers, and end users.
We will write a custom essay sample
on Active Directory or any similar
topic specifically for you
Some from concepts and the terms used for the description of service of catalogues the Active Directory are new, and the some of them were used earlier. Unfortunately, the part of existing terms is ambiguous – by them different concepts can be designated.
The scope of service of catalogues the Active Directory is rather extensive. It can include each single object (printer, file, user) each server and each domain in one global network. It also can include the incorporated global networks. The service of catalogues the Active Directory can deal both with a single computer, and with a separate computer network or set of the incorporated computer networks.
The service of catalogues the Active Directory is, first of all, space of names, as well as any service of catalogues. The “space of names” is for example, the telephone directory. The space of names is any limited area in which the set name can be authorized. The sanction of a name is a translation process of a name in that object or those data which this name represents. The telephone directory is the space of names in which surnames of subscribers are resolved as telephone numbers, or in telephone numbers. File system Windows forms space of names in which the name of a file is authorized in a file. The service of catalogues the Active Directory forms space of names in which the name of object in the catalogue isauthorized in object
Page 2 Active Directory Essay
Speaking about Active Directory it necessary to point out such notion as “domain” The separate area of safety in computer network Windows NT or Windows 2000 (the additional information on domains can be found in the documentation on Windows) refers to as the domain. The serviceof catalogues can cover the Active Directory of one or several domains. On an independent workstation the domain is the computer.
From the physical point of view the domain can include the computers located in different places. In each domain the policy of safety and the relations of safety operate with other domains. If some domains are connected by confidential relations and have the same circuit, a configuration and the global catalogue, we have a tree of domains. Some trees of domains can be incorporated into a tree.
The circuit of service of catalogues the Active Directory is realized as a set of copies of classes of objects which are stored in the catalogue. It differs from many catalogues in which the circuit exists, but is stored as a text file which should be read at start. Storage of the circuit in the catalogue gives many advantages. For example, the user appendices can, when reading the circuit, to define what objects and properties are accessible to them.
In service of catalogues the Active Directory the circuit can dynamically be updated. It means, that the appendix can expand the circuit, adding to it the new attributes and classes, and then to take advantage of this expansion. Updating of the circuit is carried out by creation or change of objects of the circuit which are stored in the catalogue. As well as all objects in service of catalogues of the Active Directory, objects of the circuit are protected by lists of management of access (ACL – Lists of the Control Access), therefore change circuit can only the users, possessing corresponding powers.
Administration of service of catalogues the Active Directory is carried out by proxy users. The user with more large powers gives other user an opportunity to carry out the specified set of actions above the specified objects and classes of objects in certain sub-tree of the catalogue. It refers to as the delegation of administrative powers. Delegation of administrative powers allows to carry out rather detailed control regarding who has the right to make, and also allows to delegate powers, giving only those rights which are necessary.
Improvements in service Active Directory give significant strategic advantages to the average and large enterprises, providing more high efficiency of work of managers and users. Being based on the base incorporated in Windows 2000, Windows Server 2003 raises universality, controllability and reliability of the Active Directory. Potential benefit for the organizations consists in the further reduction of expenses at increase of efficiency of sharing of various elements of the enterprise and management of them.
The new important opportunities which have appeared in Active Directory have made structure of catalogues of this service one of the most flexible in the today’s market. Now, when the appendices working with services of catalogues, win the increasing distribution, the organizations can use opportunities Active Directory for management of a corporate network environment of as much as complex structure. In any variants of application – from the centers of the data of the Internet up to the big distributed enterprises with the set of branches – the improvements distinguishing family Windows Server 2003, simplify administration and raise productivity and efficiency that makes these systems extremely by the universal decision
Transition on Active Directory became a more simple task due to a number of improvements by Active Directory Migration Tool (ADMT). In ADMT 2.0 the carrying of passwords from Microsoft Windows NT ® 4.0 in Windows 2000 and Windows Server 2003, and also from domains Windows 2000 in domains Windows Server 2003 is allowed.
Additional functions of safety facilitate management of set of trees and inter-domain confidential relations. Inter-tree confidential relations represent new type of confidential relations in Windows, providing management of relations of safety between two trees. They considerably simplify administration of safety and check of authenticity between two trees. Safe access to resources from other trees needlessly is given users to endow a uniform input and the administrative advantages connected to an opportunity to have only one name of the user and the password in a domestic tree of the user. Thus the flexibility necessary that some division or zones is provided could have own trees, not losing thus the access to the advantages of Active Directory.
Windows Server 2003 includes the following improvements for Active Directory – services of catalogues, for the first time appeared in Windows 2000:
-opportunity of renaming of the domain Active Directory after its expansion
-simplification of change of the circuit Active Directory – for example, switching-off of attributes and classes.
-the improved user interface for management of the catalogue (it became possible to move, for example, objects by their dragging and simultaneously to change properties of several objects).
-the improved control facilities a group policy including program Group Policy Management Console
In conclusion it must be said that Active Directory remains to be a powerful and efficient facility which was significantly improved in server 2003. Thus, the reputation of Active Directory as the main devise systematizing system catalogues is completely justified.
1. Allen, R., Lowe-Norris, A., (2003). Active Directory. O’Reilly.See More on Tool, Windows