Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 320 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
320
Dung lượng
4,64 MB
Nội dung
Part Number: X05-39393 Course Number: 1561B Released: 2/00 Delivery Guide Designinga Microsoft ® Windows ® 2000DirectoryServicesInfrastructure Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation. If, however, your only means of access is electronic, permission to print one copy is hereby granted. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2000 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows NT, Active Directory, BackOffice, PowerPoint, Visual Basic, and Visual Studio are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Other product and company names mentioned herein may be the trademarks of their respective owners. Project Lead: Andy Sweet (S&T OnSite) Instructional Designers: Andy Sweet (S&T OnSite), Ravi Acharya (NIIT), Sid Benavente, Richard Rose, Kathleen Norton Instructional Design Consultants: Paul Howard, Susan Greenberg Program Managers: Lorrin Smith-Bates (Volt), Megan Camp (Independent Contractor) Technical Contributors: Angie Fultz, Lyle Curry, Brian Komar (3947018 Manitoba, Inc.), Jim Clark (Infotec Commercial Systems), Bill Wade (Excell Data Corporation), David Stern, Steve Tate, Greg Bulette (Independent Contractor), Kathleen Cole (S&T OnSite) Graphic Artist: Kirsten Larson (S&T OnSite) Editing Manager: Lynette Skinner Editor: Jeffrey Gilbert (Wasser) Copy Editor: Patti Neff (S&T Consulting) Online Program Manager: Debbi Conger Online Publications Manager: Arlo Emerson (Aditi) Online Support: Eric Brandt (S&T Consulting) Multimedia Development: Kelly Renner (Entex) Testing Leads: Sid Benavente, Keith Cotton Testing Developer: Greg Stemp (S&T OnSite) Compact Disc and Lab Testing: Testing Testing 123 Production Support: Ed Casper (S&T Consulting) Manufacturing Manager: Rick Terek (S&T OnSite) Manufacturing Support: Laura King (S&T OnSite) Lead Product Manager, Development Services: Bo Galford Lead Product Managers: Dean Murray, Ken Rosen Group Product Manager: Robert Stewart Course Number: 1561B Part Number: X05-39393 Released: 2/00 # 'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH##LLL# &RQWHQWV## ,QWURGXFWLRQ Course Materials 2 Prerequisites .3 Course Outline .4 Microsoft Official Curriculum .6 Microsoft Certified Professional Program .7 Facilities .9 0RGXOH#4=#,QWURGXFWLRQ#WR#'HVLJQLQJ#D#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH Overview 1 Role of Active Directory in an Enterprise 2 Conducting an Organizational Analysis 3 Architectural Elements of Active Directory 7 Review .15 0RGXOH#5=#'HVLJQLQJ#DQ#$FWLYH#'LUHFWRU\#1DPLQJ#6WUDWHJ\ Overview 1 Identifying Business Needs 2 DNS and Active Directory .3 Planning Active Directory Domain Names .7 Designinga DNS Naming Strategy for Active Directory 11 Lab A: Designing an Active Directory Naming Strategy 22 Review .31 0RGXOH#6=#'HVLJQLQJ#$FWLYH#'LUHFWRU\#WR#'HOHJDWH#$GPLQLVWUDWLYH# $XWKRULW\ Overview 1 Identifying Business Needs 2 Characterizing the IT Organization 4 Developing a Strategy for Administrative Design .5 Developing a Strategy for Delegation 15 Lab A: Designing Delegated Administration .24 Review .35 0RGXOH#7=#'HVLJQLQJ#D#6FKHPD#3ROLF\ Overview 1 Identifying Business Needs 2 Schema Fundamentals .3 Implications of Modifying the Schema 9 Planning for Schema Modification 11 Lab A: Modifying the Schema .20 Review .27 LY##'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH# 0RGXOH#8=#'HVLJQLQJ#$FWLYH#'LUHFWRU\#WR#6XSSRUW#*URXS#3ROLF\ Overview . 1 Identifying Business Needs . 2 Applying Group Policy in Active Directory . 4 Planning for Group Policy 10 Lab A: Designing Group Policy and a Supporting Active Directory Structure 21 Review 32 0RGXOH#9=#'HVLJQLQJ#DQ#$FWLYH#'LUHFWRU\#'RPDLQ Overview . 1 Identifying Business Needs . 2 Designing the Initial Active Directory Domain 3 Planning for Security Groups 4 Discussion: Designing Security Groups 9 Planning for OUs 11 Lab A: Designinga Group and Organizational Unit Strategy 15 Review 22 0RGXOH#:=#'HVLJQLQJ#D#0XOWLSOH0'RPDLQ#6WUXFWXUH Overview . 1 Identifying Business Needs . 2 Accessing Resources Between Domains 5 Planning for Multiple-Domain Trees 9 Planning for Multiple-Tree Forests . 13 Planning for Multiple Forests . 16 Lab A: Designinga Multiple-Domain Structure . 19 Review 23 0RGXOH#;=#'HVLJQLQJ#DQ#$FWLYH#'LUHFWRU\#6LWH#7RSRORJ\ Overview . 1 Using Sites in Active Directory 2 Assessing the Need for Active Directory Sites . 5 Using Site Links in a Network 9 Planning the Inter-Site Replication Topology . 14 Planning for Server Placement in Sites . 19 Demonstration: Active Directory Sizer . 23 Lab A: Planning Sites to Control Active Directory Replication . 24 Review 35 0RGXOH#<=#'HVLJQLQJ#DQ#$FWLYH#'LUHFWRU\#,QIUDVWUXFWXUH Overview . 1 Conducting an Organizational Analysis 2 Designing an Active Directory Structure 11 Creating a Functional Specification 20 Lab A: Designing an Active DirectoryInfrastructure . 21 Review 31 # 'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH##Y# $ERXW#7KLV#&RXUVH# This section provides you with a brief description of the course, audience, suggested prerequisites, and course objectives. 'HVFULSWLRQ# This course provides students with the knowledge and skills necessary to design a Microsoft ® Windows ® 2000directoryservicesinfrastructure in an enterprise environment. After completion of this course, a student will be able to identify the business and administrative needs of an organization that impact the design of the Active Directory ™ directory service. The student will be able to describe key decision points for naming, delegation of authority, domain design, and site topology design. The student will then be able to translate the business needs of an organization into an Active Directory design that meets those needs. $XGLHQFH# This course is intended for senior support professionals, architects, and consultants responsible for developing an Active Directory design based on the business needs of an organization. This course is also appropriate for those who are on the Microsoft Certified Systems Engineer Windows 2000 track and wish to acquire the skills necessary to design an Active Directoryservices infrastructure. 6WXGHQW#3UHUHTXLVLWHV# This course requires that students meet the following prerequisites: • Course 1560, Updating Support Skills from Microsoft Windows NT 4.0 to Microsoft Windows 2000, or equivalent knowledge and skills. OR • Course 2154, Implementing and Administering Microsoft Windows 2000Directory Services, or equivalent knowledge and skills. &RXUVH#2EMHFWLYHV# At the end of this course, the student will be able to: „# Describe guidelines for gathering business and administrative information from an organization and explain how an architect uses that information to design an Active Directory for an enterprise. „# Design an Active Directory naming strategy that accommodates the organizational structure of a business. „# Develop a plan to secure and delegate administrative authority over Active Directory objects based on the administrative model of an organization. „# Identify business needs and scenarios that may require modification of the Active Directory schema, and plan a policy to govern schema modification. „# Create an Active Directory design based on administrative Group Policy requirements defined by business needs. YL##'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH# „# Design an Active Directory domain and the organizational unit hierarchy within the domain. „# Identify situations where a multiple-domain Active Directory structure may be necessary to meet the administrative and security needs of an organization, and then design a structure that meets those needs. „# Design a site topology for managing Active Directory replication that fulfills the administrative needs of an organization and that optimizes the available bandwidth of the physical network. „# Design an Active Directory structure that combines administrative, replication, and naming requirements. # 'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH##YLL# &RXUVH#7LPLQJ# The following schedule is an estimate of the course timing. Your timing may vary. 'D\#4# Start End Module 9:00 9:30 Introduction 9:30 10:00 Module 1: Introduction to DesigningaDirectoryServicesInfrastructure 10:00 10:15 Break 10:15 11:15 Module 2: Designing an Active Directory Naming Strategy 11:15 12:15 Lab A: Designing an Active Directory Naming Strategy 12:15 1:15 Lunch 1:15 2:30 Module 3: Designing Active Directory to Delegate Administrative Authority 2:30 3:00 Lab A: Designing Delegated Administration 3:00 3:15 Break 3:15 3:45 Lab A: Designing Delegated Administration (continued) 'D\#5# Start End Module 9:00 9:15 Day 1 review 9:15 10:15 Module 4: Designinga Schema Policy 10:15 10:30 Break 10:30 11:00 Lab A: Modifying the Schema 11:00 11:45 Module 5: Designing Active Directory to Support Group Policy 11:45 12:45 Lunch 12:45 2:30 Lab A: Designing Group Policy and a Supporting Active Directory Structure 2:30 2:45 Break 2:45 3:30 Module 6: Designing an Active Directory Domain 3:30 4:45 Lab A: Designinga Group and Organizational Unit Strategy YLLL##'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH# 'D\#6# Start End Module 9:00 9:15 Day 2 review 9:15 10:00 Module 7: Designinga Multiple-Domain Structure 10:00 10:30 Lab A: Designinga Multiple-Domain Structure 10:30 10:45 Break 10:45 11:45 Module 8: Designing an Active Directory Site Topology 11:45 12:30 Lab A: Planning Sites to Control Active Directory Replication 12:30 1:30 Lunch 1:30 2:00 Module 9: Designing an Active DirectoryInfrastructure 2:00 3:30 Lab A: Designing an Active DirectoryInfrastructure # 'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH##L[# 7UDLQHU#0DWHULDOV#&RPSDFW#'LVF#&RQWHQWV# The Trainer Materials compact disc contains the following files and folders: „# Default.htm. This file opens the Trainer Materials Web page. „# Readme.txt. This file contains a description of the compact disc contents and setup instructions in ASCII format (non-Microsoft Word document). „# 1561b_sg.doc. This file is the Classroom Setup Guide. It contains a description of classroom requirements, classroom configuration, and classroom setup instructions. „# Errorlog. This folder contains a template that is used to record any errors and corrections that you find in the course. „# Fonts. This folder contains fonts that are required to view the Microsoft PowerPoint ® presentation and Web-based materials. „# Mplayer. This folder contains files that are required to install Microsoft Windows Media Player. „# Powerpnt. This folder contains the PowerPoint slides that are used in this course. „# Pptview. This folder contains the PowerPoint Viewer, which is used to display the PowerPoint slides. „# Studntcd. This folder contains the Web page that provides students with links to resources pertaining to this course, including additional reading, review and lab answers, lab files, multimedia presentations, and course- related Web sites. „# Tprep. This folder contains the Trainer Preparation Presentation, a narrated slide show that explains the instructional strategy for the course and presentation tips and caveats. To open the presentation, on the Trainer Materials Web page, click Trainer Preparation Presentation . [##'HVLJQLQJ#D#0LFURVRIWŠ#:LQGRZVŠ#5333#'LUHFWRU\#6HUYLFHV#,QIUDVWUXFWXUH# 6WXGHQW#0DWHULDOV#&RPSDFW#'LVF#&RQWHQWV# The Student Materials compact disc contains the following files and folders: „# Default.htm. This file opens the Student Materials Web page. It provides students with resources pertaining to this course, including additional reading, review and lab answers, lab files, multimedia presentations, and course-related Web sites. „# Readme.txt. This file contains a description of the compact disc contents and setup instructions in ASCII format (non-Microsoft Word document). „# AddRead. This folder contains additional reading pertaining to this course. If there are no additional reading files, this folder does not appear. „# Answers. This folder contains answers to the module review questions and hands-on labs. „# Appendix. This folder contains appendix files for this course. If there are no appendix files, this folder does not appear. „# Fonts. This folder contains fonts that are required to view the PowerPoint presentation and Web-based materials. „# Labfiles. This folder contains files that are used in the hands-on labs. These files may be used to prepare the student computers for the hands-on labs. „# Media. This folder contains files that are used in multimedia presentations for this course. If this course does not include any multimedia presentations, this folder does not appear. „# Mplayer. This folder contains files that are required to install Microsoft Windows Media Player. „# Pptview. This folder contains the PowerPoint Viewer, which is used to display the PowerPoint presentations that accompany the additional reading. If there are no PowerPoint presentations, this folder does not appear. „# Webfiles. This folder contains the files that are required to view the course Web page. To open the Web page, open Windows Explorer, and in the root directory of the compact disc, double-click Default.htm . „# Wordview. This folder contains the Word Viewer that is used to view any Word document (.doc) files that are included on the compact disc. If no Word documents are included, this folder does not appear. [...]... with Microsoft®Windows®2000 and Microsoft BackOffice® Microsoft Certified Database Administrator (MCDBA) MCDBAs are qualified to derive physical database designs, develop logical data models, create physical databases, create data services by using Transact-SQL, manage and maintain databases, configure and manage security, monitor and optimize databases, and install and configure Microsoft SQL Server™... Domain Tree OU Domain Forest Domain OU OU Domain Objects Tree Domain Domain Active Directory in Windows 2000 is a network directory service Administrators use Active Directory to define, arrange, and manage objects, such as user data, printers, and servers, so that they are available to users and applications throughout the organization Objects in Active Directory are logically organized into a hierarchical... identify and document the administrative needs of an organization as they relate to Active Directory design Based on the administrative model of an organization, you will develop a plan to secure and delegate administrative authority over Active Directory objects Module 4, Designinga Schema Policy,” introduces the Active Directory schema and its components and explains how schema modifications affect Active... will be able to design a site topology for managing Active Directory replication that fulfills the administrative needs of an organization and also optimizes the available bandwidth of the physical network Module 9, Designing an Active Directory Infrastructure, ” summarizes the information provided in the previous modules and presents a framework for creating an Active Directory infrastructure At the... hierarchical structure The objects that create the overall structural hierarchy in Active Directory are: „# Domains This is the core unit of Active DirectoryA domain is a container of objects that share security requirements, replication processes, and administration Active Directory uses a multi-master replication model in which all domain controllers are equal „# Organizational units (OUs) An OU is a container... a container object that is used to organize objects within a domain into logical administrative groups Within a domain, OUs form a hierarchical structure based on the organization’s administrative model Multiple domains within a single Active Directory can create additional structure in the form of: „# Trees A tree is a hierarchical arrangement of one or more domains with a single root name Domains... 'RPDLQ#1DPHV Domain Name System Domain Name System (DNS) (DNS) nwtraders.msft nwtraders.msft Active Directory follows the Domain Name System (DNS) standard as a basis for naming domains Active Directory also uses DNS as the domain locator service You can use DNS for name resolution of the organization’s internal resources, such as its intranet, and external resources, such as the Internet An organization’s... Directory is adirectory service Define the features of a typical directory service Then, describe the added functionality that Active Directory provides „# Conducting an Organizational Analysis Explain that prior to creating the design of the Active Directory infrastructure, an architect must have a thorough understanding of the organization and its needs Emphasize that the business needs rather than the... indicated, you can use lowercase letters when you type adirectory name or file name in a dialog box or at a command prompt ALL CAPITALS Indicate the names of keys, key sequences, and key combinations — for example, ALT+SPACEBAR PRQRVSDFH# Represents code samples, examples of screen text, or entries that you type at a command prompt or in initialization files [] In syntax statements, enclose optional... to support administrator needs These needs may be different from the business practices of the organization Identify and analyze the current administrative model, and determine if any improvements can be made „# Anticipate Growth and Reorganization An Active Directory structure has an anticipated life span of three to five years When designing the Active Directory structure, you must anticipate future . of an organization and also optimizes the available bandwidth of the physical network. Module 9, Designing an Active Directory Infrastructure, ” summarizes. organization as they relate to Active Directory design. Based on the administrative model of an organization, you will develop a plan to secure and delegate