Windows 2000: Concepts & Deployment Larry Lieberman NT Support Engineer Premier Enterprise Support Microsoft Corporation

8/5/99


Click here to start


Table of Contents

Windows 2000: Concepts & Deployment Larry Lieberman NT Support Engineer Premier Enterprise Support Microsoft Corporation

Agenda

Active Directory

AD Architecture

AD Components (1/10)

AD Components (2/10) Objects

AD Components (3/10) Object Access

AD Components (4/10) Organizing the Directory

AD Components (5/10) OUs

AD Components (6/10) Domains

AD Components (7/10) Sites

AD Components (8/10) Trees And Forests

AD Components (9/10) Boundaries

AD Components (10/10) Global Catalog

Planning AD Design (1/6) Considerations

Planning AD Design (2/6) One Or More Forests

Planning AD Design (3/6) Domain Structure

Planning AD Design (4/6) Multiple Domains(1/3)

Planning AD Design (5/6) Multiple Domains(2/3)

Planning AD Design (6/6) Multiple Domains(3/3)

Microsoft DNS

DNS Requirements

MS DNS Features (1/12)

MS DNS Features (2/12) Active Directory Integration

MS DNS Features (3/12) Active Directory integration

MS DNS Features (4/12) Active Directory integration

MS DNS Features (5/12) Active Directory integration

MS DNS Features (6/12) Dynamic Update

MS DNS Features (7/12) Dynamic Update

MS DNS Features (8/12) Dynamic Update

MS DNS Features (9/12) Secure Dynamic Update

MS DNS Features (10/12) Aging/Scavenging

MS DNS Features (12/12) Caching Resolver

DNS Design (1/11) To support DC locator

DNS Design (2/11)

DNS Design (3/11)

DNS Design (4/11)

DNS Design (5/11)

DNS Design (6/11)

DNS Design (7/11)

DNS Design (8/11)

DNS Design (9/11)

DNS Design (10/11)

DNS Design (11/11) Hardware planning

Security Topics

Security Goals

Authentication/ Authorization

One Security Model: Multiple Security Protocols

NTLM Authentication

Kerberos Integration

Kerberos Protocol Advantages

Kerberos Unix Interoperability

Kerberos Auth Network Server connection

Building An Access Token with Kv5

Remote File Access Check

Architecture For Multiple Authentication Services

Windows NT 4.0 - 5.0 Interoperability

Public Key Components X.509 and PKCS Standards

Crypto API Architecture

SSL Client Authentication Integrated Security Administration

SSL Client Authentication

Client Authentication Using SmartCards

Smart Card Logon

Management Of Trust

Encrypting File System

EFS Architecture

File Encryption

File Decryption

Active Directory Security Features

Domain Trust

Managing Security

A Security Configuration

Summary (1/2)

Summary

Group Policy Objects

Group Policy Definition

Group Policy Review

Group Policy And The Active Directory

Group Policy Linked To OUs

Filtering

Example

Conclusion

PPT Slide

Author: Larry Lieberman

Email: larryli@microsoft.com