Physical Structure of Active Directory
Introduction to the Physical Structure of Active Directory
In the previous module, we discussed the relationship between the Active Directory(tm), directory structure and network organization.
You now know that the Active Directory Directory Service
enables users to access resources and allows the system administrator to track and locate any object on the network. For an administrator, this has obvious advantages. To use the Windows 2000 Server with maximum effectiveness, you must first understand the architecture of Active Directory.
The physical structure of Active Directory has a direct effect on network traffic, and in particular on network logon and replication. To optimize your network, you need to understand
- the key features and the physical structural components of Active Directory,
- the role of the domain controller,
- and the functions of each of the special types of domain controllers.
At the end of this module, you will be able to:
- Describe the physical structure of Active Directory
- Describe the purpose of defining Active Directory sites
- List the types of domain controllers and the role and function of each
- Describe the function of the global catalog server
- Define the roles of each of the operations masters
- Transfer and seize single master operations roles
The Windows 2000 Directory Service which is a database that contains information about all the objects in a Windows 2000 Domain.
Objects include: Users, Computers, Group: Printers and other objects on the network. The Active Directory is a hierarchical database which is in contrast to the Windows NT 4.0 Flat database structure.
As an administrator, you will need to learn to configure, implement, and manage Active Directory. Let us start by defining the physical structure of Active Directory.
Active Directory Administration
Designing a Forest
When designing a forest, remember that there are often multiple good answers to forest design for any given company. There is no “best” design for all situations. Microsoft has provided great flexibility in what can be done, which can turn around and bite you with indecision about how you should implement AD. It isn’t unusual for two engineers to have two very different designs for the same company that are both good for completely
different reasons. Simply document all recommended designs and let the decision makers
decide together which one will be the best for long-term operations. Overall, the
best solutions are usually the simplest solutions. In most cases, you will want to choose
single-forest designs over multi-forest designs, single-tree designs over multitree designs, and single-domain designs over multidomain designs. The design example shown here is simply that: an example. The company in question could have designed its Active
Directory infrastructure in a number of ways, and this is one of them.