
E-book: Active Directory: Designing, Deploying, and Running Active Directory

3.85/5 (166 ratings by Goodreads)
  • Format: 738 pages
  • Publication date: 11-Apr-2013
  • Publisher: O'Reilly Media
  • Language: eng
  • ISBN-13: 9781449320010
  • Format: PDF+DRM
  • Price: 46,20 €*
  • * This is the final price, i.e., no additional discounts are applied.
  • This e-book is intended for personal use only. E-books cannot be returned, and money paid for purchased e-books is not refunded.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software to unlock and read it. To read this e-book, you need to create an Adobe ID. The e-book can be read and downloaded on up to 6 devices (for a single user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you will need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this e-book on a PC or Mac, you need Adobe Digital Editions (this is a free app designed specifically for e-books. It is not the same as Adobe Reader, which may already be on your computer.)

    You cannot read this e-book using an Amazon Kindle.

Provides information on the features, functions, and implementation of Active Directory, covering such topics as management tools, searching the AD database, and the Kerberos security protocol.

Organize your network resources by learning how to design, manage, and maintain Active Directory. Updated to cover Windows Server 2012, the fifth edition of this bestselling book gives you a thorough grounding in Microsoft’s network directory service by explaining concepts in an easy-to-understand, narrative style.

You’ll negotiate a maze of technologies for deploying a scalable and reliable AD infrastructure, with new chapters on management tools, searching the AD database, authentication and security protocols, and Active Directory Federation Services (ADFS). This book provides real-world scenarios that let you apply what you’ve learned—ideal whether you’re a network administrator for a small business or a multinational enterprise.

  • Upgrade Active Directory to Windows Server 2012
  • Learn the fundamentals, including how AD stores objects
  • Use the AD Administrative Center and other management tools
  • Learn to administer AD with Windows PowerShell
  • Search and gather AD data, using the LDAP query syntax
  • Understand how Group Policy functions
  • Design a new Active Directory forest
  • Examine the Kerberos security protocol
  • Get a detailed look at the AD replication process
Preface xv
1 A Brief Introduction 1(4)
  Evolution of the Microsoft NOS 2(1)
  A Brief History of Directories 2(1)
  Summary 3(2)
2 Active Directory Fundamentals 5(28)
  How Objects Are Stored and Identified 5(4)
  Uniquely Identifying Objects 6(3)
  Building Blocks 9(22)
  Domains and Domain Trees 9(2)
  Forests 11(2)
  Organizational Units 13(1)
  The Global Catalog 14(1)
  Flexible Single Master Operator (FSMO) Roles 14(8)
  Time Synchronization in Active Directory 22(2)
  Domain and Forest Functional Levels 24(3)
  Groups 27(4)
  Summary 31(2)
3 Active Directory Management Tools 33(30)
  Management Tools 33(19)
  Active Directory Administrative Center 34(3)
  Active Directory Users and Computers 37(8)
  ADSI Edit 45(2)
  LDP 47(5)
  Customizing the Active Directory Administrative Snap-ins 52(6)
  Display Specifiers 53(1)
  Property Pages 54(1)
  Context Menus 54(2)
  Icons 56(1)
  Display Names 57(1)
  Object Creation Wizard 57(1)
  Active Directory PowerShell Module 58(1)
  Best Practices Analyzer 59(2)
  Active Directory-Based Machine Activation 61(1)
  Summary 61(2)
4 Naming Contexts and Application Partitions 63(10)
  Domain Naming Context 66(1)
  Configuration Naming Context 67(1)
  Schema Naming Context 67(2)
  Application Partitions 69(3)
  Storing Dynamic Data 71(1)
  Summary 72(1)
5 Active Directory Schema 73(34)
  Structure of the Schema 74(5)
  X.500 and the OID Namespace 75(4)
  Attributes (attributeSchema Objects) 79(2)
  Dissecting an Example Active Directory Attribute 80(1)
  Attribute Properties 81(14)
  Attribute Syntax 82(2)
  systemFlags 84(2)
  schemaFlagsEx 86(1)
  searchFlags 86(8)
  Property Sets and attributeSecurityGUID 94(1)
  Linked Attributes 94(1)
  MAPI IDs 95(1)
  Classes (classSchema Objects) 95(10)
  Object Class Category and Inheritance 96(3)
  Dissecting an Example Active Directory Class 99(4)
  Dynamically Linked Auxiliary Classes 103(2)
  Summary 105(2)
6 Site Topology and Active Directory Replication 107(44)
  Site Topology 107(16)
  Site and Replication Management Tools 108(1)
  Subnets 108(6)
  Sites 114(2)
  Site Links 116(5)
  Site Link Bridges 121(1)
  Connection Objects 121(1)
  Knowledge Consistency Checker 122(1)
  How Replication Works 123(21)
  A Background to Metadata 123(7)
  How an Object's Metadata Is Modified During Replication 130(5)
  The Replication of a Naming Context Between Two Servers 135(6)
  How Replication Conflicts Are Reconciled 141(3)
  Common Replication Problems 144(5)
  Lingering Objects 145(1)
  USN Rollback 146(3)
  Summary 149(2)
7 Searching Active Directory 151(18)
  The Directory Information Tree 151(4)
  Database Structure 151(4)
  Searching the Database 155(7)
  Filter Operators 155(1)
  Connecting Filter Components 156(2)
  Search Bases 158(1)
  Modifying Behavior with LDAP Controls 159(3)
  Attribute Data Types 162(3)
  Dates and Times 162(1)
  Bit Masks 163(1)
  The In-Chain Matching Rule 164(1)
  Optimizing Searches 165(3)
  Efficient Searching 165(2)
  objectClass Versus objectCategory 167(1)
  Summary 168(1)
8 Active Directory and DNS 169(36)
  DNS Fundamentals 170(5)
  Zones 170(1)
  Resource Records 171(1)
  Client Lookup Process 171(1)
  Dynamic DNS 172(2)
  Global Names Zones 174(1)
  DNSSEC 175(11)
  How Does DNSSEC Work? 176(4)
  Configuring DNSSEC for Active Directory DNS 180(6)
  DC Locator 186(1)
  Resource Records Used by Active Directory 187(5)
  Overriding SRV Record Registration 191(1)
  Delegation Options 192(4)
  Not Delegating the AD DNS Zones 192(2)
  Delegating the AD DNS Zones 194(2)
  Active Directory-Integrated DNS 196(3)
  Replication Impact 198(1)
  Background Zone Loading 199(1)
  Using Application Partitions for DNS 199(2)
  Aging and Scavenging 201(2)
  Configuring Scavenging 201(2)
  Managing DNS with Windows PowerShell 203(1)
  Summary 204(1)
9 Domain Controllers 205(56)
  Building Domain Controllers 205(11)
  Deploying with Server Manager 206(8)
  Using DCPromo on Earlier Versions of Windows 214(1)
  Automating the DC Build Process 214(2)
  Virtualization 216(13)
  When to Virtualize 216(1)
  Impact of Virtualization 217(4)
  Virtualization Safe Restore 221(1)
  Cloning Domain Controllers 222(7)
  Read-Only Domain Controllers 229(30)
  Prerequisites 231(1)
  Password Replication Policies 232(6)
  The Client Logon Process 238(5)
  RODCs and Write Requests 243(5)
  The W32Time Service 248(2)
  Application Compatibility 250(2)
  RODC Placement Considerations 252(1)
  Administrator Role Separation 253(3)
  Promoting an RODC 256(3)
  Summary 259(2)
10 Authentication and Security Protocols 261(22)
  Kerberos 261(15)
  User Logon 262(2)
  Service Access 264(5)
  Application Access 269(1)
  Logon and Service Access Summary 269(1)
  Delegation and Protocol Transition 270(6)
  Authentication Mechanism Assurance 276(1)
  Managed Service Accounts 276(5)
  Preparing for Group Managed Service Accounts 277(1)
  Using Group Managed Service Accounts 277(4)
  Summary 281(2)
11 Group Policy Primer 283(56)
  Capabilities of Group Policy Objects 284(5)
  Group Policy Storage 284(5)
  How Group Policies Work 289(18)
  GPOs and Active Directory 290(1)
  Prioritizing the Application of Multiple Policies 291(2)
  Standard GPO Inheritance Rules in Organizational Units 293(1)
  Blocking Inheritance and Overriding the Block in Organizational Unit GPOs 294(3)
  When Policies Apply 297(1)
  Combating Slowdown Due to Group Policy 298(3)
  Security Filtering and Group Policy Objects 301(2)
  Loopback Merge Mode and Loopback Replace Mode 303(1)
  Summarizing Group Policy Application 304(2)
  WMI Filtering 306(1)
  Group Policy 307(22)
  Managing Group Policies 308(1)
  Using the Group Policy Management Console 309(1)
  Using the Group Policy Management Editor 310(3)
  Group Policy Preferences 313(5)
  Running Scripts with Group Policy 318(2)
  Group Policy Modeling 320(2)
  Delegation and Change Control 322(3)
  Using Starter GPOs 325(1)
  Group Policy Backup and Restore 326(1)
  Scripting Group Policy 327(2)
  Troubleshooting Group Policy 329(8)
  Group Policy Infrastructure Status 329(1)
  Group Policy Results Wizard 330(3)
  Forcing Group Policy Updates 333(1)
  Enabling Extra Logging 334(2)
  Group Policy Diagnostic Best Practices Analyzer 336(1)
  Third-Party Troubleshooting Tools 336(1)
  Summary 337(2)
12 Fine-Grained Password Policies 339(16)
  Understanding Password Settings Objects 339(1)
  Scenarios for Fine-Grained Password Policies 340(2)
  Defining Password Settings Objects 340(2)
  Creating Password Settings Objects 342(4)
  PSO Quick Start 342(1)
  Building a PSO from Scratch 342(4)
  Managing Password Settings Objects 346(6)
  Strategies for Controlling PSO Application 346(1)
  Managing PSO Application 347(5)
  Delegating Management of PSOs 352(1)
  Summary 353(2)
13 Designing the Active Directory Structure 355(40)
  The Complexities of a Design 356(1)
  Where to Start 357(1)
  Overview of the Design Process 357(2)
  Domain Namespace Design 359(8)
  Objectives 359(1)
  Step 1: Decide on the Number of Domains 360(3)
  Step 2: Design and Name the Tree Structure 363(4)
  Design of the Internal Domain Structure 367(9)
  Step 3: Design the Hierarchy of Organizational Units 368(4)
  Step 4: Design the Workstation and Server Naming Conventions 372(1)
  Step 5: Plan for Users and Groups 373(3)
  Other Design Considerations 376(1)
  Design Examples 377(16)
  Tailspin Toys 377(6)
  Contoso College 383(5)
  Fabrikam 388(5)
  Recognizing Nirvana's Problems 393(1)
  Summary 394(1)
14 Creating a Site Topology 395(22)
  Intrasite and Intersite Topologies 395(10)
  The KCC 396(1)
  Automatic Intrasite Topology Generation by the KCC 397(4)
  Site Links: The Basic Building Blocks of Intersite Topologies 401(3)
  Site Link Bridges: The Second Building Blocks of Intersite Topologies 404(1)
  Designing Sites and Links for Replication 405(4)
  Step 1: Gather Background Data for Your Network 405(1)
  Step 2: Plan the Domain Controller Locations 405(2)
  Step 3: Design the Sites 407(1)
  Step 4: Create Site Links 408(1)
  Step 5: Create Site Link Bridges 409(1)
  Design Examples 409(5)
  Tailspin Toys 409(3)
  Contoso College 412(1)
  Fabrikam 412(2)
  Additional Resources 414(1)
  Summary 414(3)
15 Planning for Group Policy 417(10)
  Using GPOs to Help Design the Organizational Unit Structure 417(4)
  Identifying Areas of Policy 418(1)
  Guidelines for Designing GPOs 419(2)
  Design Examples 421(5)
  Tailspin Toys 421(3)
  Contoso College 424(1)
  Fabrikam 425(1)
  Summary 426(1)
16 Active Directory Security: Permissions and Auditing 427(54)
  Permission Basics 428(10)
  Permission ACEs 429(1)
  Property Sets, Validated Writes, and Extended Rights 430(1)
  Inherited Versus Explicit Permissions 431(1)
  Default Security Descriptors 432(1)
  Permission Lockdown 433(1)
  The Confidentiality Bit 434(1)
  Protecting Objects from Accidental Deletion 435(3)
  Using the GUI to Examine Permissions 438(8)
  Reverting to the Default Permissions 441(1)
  Viewing the Effective Permissions for a User or Group 442(1)
  Using the Delegation of Control Wizard 443(3)
  Using the GUI to Examine Auditing 446(1)
  Designing Permissions Schemes 446(9)
  The Five Golden Rules of Permissions Design 446(6)
  How to Plan Permissions 452(2)
  Bringing Order out of Chaos 454(1)
  Designing Auditing Schemes 455(7)
  Implementing Auditing 457(2)
  Tracking Last Interactive Logon Information 459(3)
  Real-World Active Directory Delegation Examples 462(3)
  Hiding Specific Personal Details for All Users in an Organizational Unit from a Group 462(2)
  Allowing Only a Specific Group of Users to Access a New Published Resource 464(1)
  Restricting Everyone but HR from Viewing National/Regional ID Numbers with the Confidential Bit 465(1)
  The AdminSDHolder Process 465(4)
  Dynamic Access Control 469(11)
  Configuring Active Directory for DAC 470(7)
  Using DAC on the File Server 477(3)
  Summary 480(1)
17 Designing and Implementing Schema Extensions 481(18)
  Nominating Responsible People in Your Organization 482(1)
  Thinking of Changing the Schema 483(5)
  Designing the Data 483(1)
  To Change or Not to Change 484(2)
  The Global Picture 486(2)
  Creating Schema Extensions 488(9)
  Running the AD Schema Management MMC Snap-in for the First Time 488(1)
  The Schema Cache 489(1)
  The Schema Master FSMO 490(2)
  Using LDIF to Extend the Schema 492(2)
  Checks the System Makes When You Modify the Schema 494(1)
  Making Classes and Attributes Defunct 495(1)
  Mitigating a Schema Conflict 496(1)
  Summary 497(2)
18 Backup, Recovery, and Maintenance 499(48)
  Backing Up Active Directory 499(8)
  Using the NT Backup Utility 502(2)
  Using Windows Server Backup 504(3)
  Restoring a Domain Controller 507(9)
  Restore from Replication 508(3)
  Restore from Backup 511(1)
  Install from Media 512(4)
  Restoring Active Directory 516(9)
  Nonauthoritative Restore 517(4)
  Partial Authoritative Restore 521(3)
  Complete Authoritative Restore 524(1)
  Working with Snapshots 525(2)
  Active Directory Recycle Bin 527(6)
  Deleted Object Lifecycle 528(1)
  Enabling the Recycle Bin 529(2)
  Undeleting Objects 531(2)
  FSMO Recovery 533(3)
  Restartable Directory Service 536(1)
  DIT Maintenance 537(8)
  Checking the Integrity of the DIT 538(2)
  Reclaiming Space 540(2)
  Changing the DS Restore Mode Admin Password 542(3)
  Summary 545(2)
19 Upgrading Active Directory 547(20)
  Active Directory Versions 547(11)
  Windows Server 2003 549(4)
  Windows Server 2008 553(2)
  Windows Server 2008 R2 555(1)
  Windows Server 2012 556(2)
  Functional Levels 558(5)
  Raising the Functional Level 559(3)
  Functional Level Rollback 562(1)
  Beginning the Upgrade 563(1)
  Known Issues 564(1)
  Summary 565(2)
20 Active Directory Lightweight Directory Services 567(42)
  Common Uses for AD LDS 568(1)
  AD LDS Terms 569(1)
  Differences Between AD and AD LDS 570(7)
  Standalone Application Service 570(1)
  Configurable LDAP Ports 570(1)
  No SRV Records 570(2)
  No Global Catalog 572(1)
  Top-Level Application Partition Object Classes 573(1)
  Group and User Scope 573(1)
  FSMOs 573(2)
  Schema 575(1)
  Service Account 575(1)
  Configuration/Schema Partition Names 576(1)
  Default Directory Security 576(1)
  User Principal Names 576(1)
  Authentication 576(1)
  Users in the Configuration Partition 577(1)
  New and Updated Tools 577(1)
  AD LDS Installation 577(14)
  Installing the Server Role 577(1)
  Installing a New AD LDS Instance 578(7)
  Installing an AD LDS Replica 585(5)
  Enabling the Recycle Bin 590(1)
  Tools 591(4)
  ADAM Install 591(1)
  ADAM Sync 591(1)
  ADAM Uninstall 591(1)
  AD Schema Analyzer 592(1)
  AD Schema MMC Snap-in 592(1)
  ADSI Edit 592(2)
  dsdbutil 594(1)
  dsmgmt 594(1)
  ldifde 594(1)
  LDP 594(1)
  repadmin 594(1)
  The AD LDS Schema 595(1)
  Default Security Descriptors 595(1)
  Bindable Objects and Bindable Proxy Objects 595(1)
  Using AD LDS 596(11)
  Creating Application Partitions 596(1)
  Creating Containers 597(1)
  Creating Users 598(1)
  Creating User Proxies 599(2)
  Renaming Users 601(1)
  Creating Groups 602(1)
  Adding Members to Groups 602(1)
  Removing Members from Groups 603(1)
  Deleting Objects 604(1)
  Deleting Application Partitions 604(1)
  Controlling Access to Objects and Attributes 605(2)
  Summary 607(2)
21 Active Directory Federation Services 609(48)
  Introduction to Federated Identity 609(5)
  How It Works 610(3)
  SAML 613(1)
  WS-Federation 613(1)
  Understanding ADFS Components 614(5)
  The Configuration Database 614(1)
  Federation Servers 615(1)
  Federation Server Proxies 615(1)
  ADFS Topologies 615(4)
  Deploying ADFS 619(14)
  Federation Servers 621(8)
  Federation Server Proxies 629(4)
  Relying Party Trusts 633(4)
  Claims Rules and the Claims Pipeline 637(8)
  The Pipeline 637(2)
  Creating and Sending Claims Through the Pipeline 639(6)
  Customizing ADFS 645(2)
  Forms-Based Logon Pages 647(1)
  Attribute Stores 647(1)
  Troubleshooting ADFS 647(7)
  Event Logs 648(1)
  Fiddler 649(5)
  Summary 654(3)
A Programming the Directory with the .NET Framework 657(30)
Index 687
Brian Desmond spends his days focused on Active Directory for some of the world's largest companies. A Microsoft MVP since 2004, Brian brings extensive knowledge of how Active Directory works and how to successfully run Active Directory deployments large and small.

Joe Richards is a consultant / admin / tool writer who happens to have a secret identity as a Microsoft MVP for Windows Server Directory Services. His specialty is Directory Services, but he has "minors" in Security and Active Directory programming. By day he works for a large services/consulting/manufacturing company. He takes time to chat with people on listservs and newsgroups, write about stuff he knows, and whip up various fairly useful tools.

Robbie Allen is a technical leader at Cisco Systems, where he has been involved in the deployment of Active Directory, DNS, DHCP, and several network management solutions. Robbie was named a Windows Server MVP in 2004 and 2005 for his contributions to the Windows community and the publication of several popular O'Reilly books. Robbie is currently studying at MIT in its system design and management program. For more information, see Robbie's web site at www.rallenhome.com.

Alistair G. Lowe-Norris is an Architectural Enterprise Strategy Consultant for Microsoft UK. He worked for Leicester University as the project manager and technical lead of the Rapid Deployment Program for Windows 2000, responsible for rolling out one of the world's largest deployments of Windows 2000 preceding release of the final product. Since 1998 he has been the technical editor and a monthly columnist for the Windows Scripting Solutions magazine and a technical editor and author for Windows & .NET Magazine (previously Windows NT Magazine and Windows 2000 Magazine).