Question |
Answer |
|||
---|---|---|---|---|
domain controller
|
A Windows server that is running Active Directory. One domain controller = one domain controlled; two domains means two domain controllers (there were some ways to cheat it, but they are shit).
|
|||
Active Directory
|
Manages authentication and authorization; grants or blocks access to some resources, privileges.
|
|||
AD objects
|
Users - users. Machines - any machine that is connected to AD will be created automatically as HOSTNAME$. OU - organizational unit, used to organize objects; one user can be in only one OU. Security groups - can have many users, and one user can have many security groups.
|
|||
forest tree domain
|
Forest - a collection of one or more domain trees; it can have two namespace-independent domains: thm, mht. Domains are used to group and manage objects. Tree - a hierarchy of domains; it can have a lot of domains: thm (root), uk.thm, us.thm.
|
|||
GPO
|
Group policy, simply a collection of settings that tells what a user/computer can do. A GPO applied at the lowest level has the higher priority (an OU has higher priority than the whole domain); local policy has the lowest priority (AD overwrites local shit). It can be applied on an OU or the whole domain.
|
|||
Kerberos
|
Authentication and authorization protocol. KDC (Key Distribution Center): this role is often performed by the domain controller. In the KDC we have the auth server (AS) and the ticket granting server (TGS); the TGS sends a key that allows talking with the other computer. The auth server has a long-term key with every computer. If some computer wants to talk with another computer, it talks to the auth server and then to the ticket granting server, which checks whether this computer has permission.
|
|||
AD DS
|
Active Directory Domain Services. We use these services to manage computers/users in the network (LDAP, for example). NTDS: NTDS.dit contains information about the AD DC as well as password hashes. We need a domain controller to install this.
|