Question

Discuss how Active Directory provides centralized management and administration, and introduce the tools used for this purpose.

Discuss the categorizing of Active Directory resources as well as the hierarchy in which they operate and interact with each other. Explain naming contexts within forests and the different items that can be contained within organizational units.

# No plagiarism please

Answer 1

Active directory provides variety of functions that enhance centralized management.

->Centralized internal and external user account:-it provides efficient way to store and manage your internal user account also provides centralized storage and management of your external user accounts

->Centralized policy management:-Through active directory you can centralize the definition management and deployment of security policies that safeguard each server in the solution in a manner appropriate to the roles that server plays.

->Centalized security model:-it provides a security model and implementation that defines roles for the external account together with resrticted rights associated with these roles.it also a solution for locking down various critical objects in the environment to ensure that the security model cannot be violated.

->Delegated administration:-Throug self provisioning and management application active directory can reduce management cost of hosted solutions.

The main tools:-

1.Active directory user management.

2."computer management

3." group management

4. " contact management

5. " Help desk delegation

AD architecture

1.server management design:-consider the physical server redundancy

2.user management design:-consider the design of AD for management of user accounts for resellers and customers.

Naming context:-

The Directory Tree of Active Directory tree is partitioned to allow sections to be distributed (replicated) to domain controllers in different domains within the forest. Each domain controller stores a copy of a specific part of the directory tree, called a “Naming Context” also know as Directory Partition. “Naming Context” is replicated as a unit to other domain controllers in the forest that contain a replica of the same sub tree. A “Naming Context” is also called a Directory Partition.

Different items in organizational unit

1.users

2.groups

3.computers

4.file shares

5.printer

6.security policies

7.applications