Introduzione ad Active Directory 3/27/2017 2:27 AM Introduzione ad Active Directory Renato Francesco Giorgini RenatoFrancesco.Giorgini@microsoft.com © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Serie Webcast Active Directory: 3/27/2017 2:27 AM Serie Webcast Active Directory: Introduzione ad Active Directory Progettazione di Active Directory Recovery e troubleshooting di Active Directory Gestione della sicurezza di Active Directory © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di Active Directory Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di AD Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Cos’è un Servizio di Directory? 3/27/2017 2:27 AM Cos’è un Servizio di Directory? È un servizio che aiuta a tracciare e a trovare oggetti in rete Active Directory Management Computer Servizi Files Utenti © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Cosa posso fare con Active Directory? 3/27/2017 2:27 AM Cosa posso fare con Active Directory? Ricerca di Utenti, Computer, Stampanti, Share di Rete, Servizi distribuiti, Indirizzi Email Per l’Autenticazione Per l’Autorizzazione all’accesso alle risorse Per fare Auditing Per gestire l’installazione del Software Per gestire la configurazione dei PC (Policy) © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Oggetti e Attributi Oggetti: Computer, Utenti, Gruppi 3/27/2017 2:27 AM Oggetti e Attributi Oggetti: Computer, Utenti, Gruppi CN: Canonical Name RDN: Relative Distingushed Name Attributi Oggetti Proprietà comuni utilizzabili da più oggetti © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
I “Domini” in Active Directory 3/27/2017 2:27 AM I “Domini” in Active Directory Confine di Autenticazione Confine per le Policy CONTOSO.COM Confine di Replica © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Struttura Domini Active Directory 3/27/2017 2:27 AM Struttura Domini Active Directory Schema Condiviso CONTOSO.COM Configurazione US.CONTOSO.COM Global Catalog OHIO.US.CONTOSO.COM © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Trust Transitivi tra Domini 3/27/2017 2:27 AM Trust Transitivi tra Domini CONTOSO.COM UK.CONTOSO.COM US.CONTOSO.COM © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Foreste Active Directory 3/27/2017 2:27 AM Foreste Active Directory CONTOSO.COM FABRIKAM.COM US.CONTOSO.COM UK.FABRIKAM.COM Schema Global Catalog Configurazione © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
3/27/2017 2:27 AM Domini e Trust © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Organizational Unit Organizzate in base: CONTOSO.COM 3/27/2017 2:27 AM Organizational Unit Organizzate in base: Necessità amministrative Stessi requisiti Delega permessi Group Policy Configurazione Sicurezza OU Admin OU Security OU Policy CONTOSO.COM © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Utilizzo delle Organizational Unit 3/27/2017 2:27 AM Utilizzo delle Organizational Unit Sales Department London Desktops Marketing Department Printers New York Hardware Devices © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Organizational Units 3/27/2017 2:27 AM © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di AD Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Domain Controllers DC PDC DC BDC BDC DC Windows Server 2003 3/27/2017 2:27 AM Domain Controllers DC PDC DC BDC BDC DC Windows NT 4.0 Windows Server 2003 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Siti Active Directory I Siti sono utilizzati per: Sito A WAN Link 3/27/2017 2:27 AM Siti Active Directory Sito A WAN Link I Siti sono utilizzati per: Localizzare servizi Ottimizzare la Replica Definire le Policy Sito B © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Siti e Domini Sito A US.CONTOSO.COM CONTOSO.COM Sito B 3/27/2017 2:27 AM Siti e Domini Sito A US.CONTOSO.COM CONTOSO.COM Sito B © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Global Catalog È una struttura “trasversale” rispetto ai Domini 3/27/2017 2:27 AM Global Catalog È una struttura “trasversale” rispetto ai Domini Contiene gli attributi degli oggetti Viene utilizzato per le ricerche È presente nei Domain Controller © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Siti e Global Catalog 3/27/2017 2:27 AM © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di AD Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Processo di ricerca nel DNS 3/27/2017 2:27 AM DNS Il Domain Naming System permette di trovare servizi e risorse nella rete Processo di ricerca nel DNS DNS Server DC Servizio richiesto Informazioni sul Sito Indirizzi IP Record SVR Cache © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Server DNS e requisiti per AD 3/27/2017 2:27 AM Server DNS e requisiti per AD BIND 8.1.2 Windows NT Windows 2000 Windows Server 2003 Dynamic Update* AD Integration Secure Update SRV Records* * Necessari per poter usare Active Directory © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Migrazione DNS Aggiornamento a BIND 9.x Aggiornamento server DNS Microsoft Delega ad un server DNS Microsoft © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
3/27/2017 2:27 AM DNS © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di AD Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Replication Scope All’interno del Dominio All’interno della Foresta: 3/27/2017 2:27 AM Replication Scope All’interno del Dominio NC Dominio All’interno della Foresta: NC Schema NC Configurazione © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Replication Scope Tra Siti differenti (Compresso) All’interno del Sito 3/27/2017 2:27 AM Replication Scope Tra Siti differenti (Compresso) All’interno del Sito (Token Ring) © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
3/27/2017 2:27 AM Replica © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Agenda Componenti logici di AD: Domini, Foreste 3/27/2017 2:27 AM Agenda Componenti logici di AD: Domini, Foreste Componenti fisici di AD: Domain Controller, Siti Domain Naming Service (DNS) Replica di AD Operations master © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Operations Masters Eseguono operazioni in modo esclusivo 3/27/2017 2:27 AM Operations Masters Eseguono operazioni in modo esclusivo Sono utilizzati per Ruoli specifici di AD Di default, tutti i ruoli sono attivati nel primo Domain Controller installato © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Ruoli Operations Master 3/27/2017 2:27 AM Ruoli Operations Master Ruoli Foresta Ruoli Dominio Schema Master PDC Emulator RID Master Domain Master Infrastructure © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
3/27/2017 2:27 AM Riepilogo Active Directory permette di gestire e di controllare in modo efficace le risorse di rete, i computer, gli account Utente. Le Organizational Unit sono uno strumento flessibile per la gestione e l’organizzazione degli oggetti all’interno di AD Il DNS di Windows Server permette di sfruttare un’integrazione maggiore con AD aumentando anche la sicurezza La replica di AD permette di ottimizzare il traffico di rete proteggendo i dati replicati © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
© 2005 Microsoft Corporation. All rights reserved. 3/27/2017 2:27 AM RenatoFrancesco.Giorgini@microsoft.com http://blogs.technet.com/italy © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.