1 00:00:06,550 --> 00:00:11,750 AD DS includes both logical and physical components. 2 00:00:11,770 --> 00:00:19,780 You need to understand how AD DS components work together so that you can manage your infrastructure 3 00:00:19,780 --> 00:00:20,890 efficiently. 4 00:00:20,920 --> 00:00:29,740 In addition, you can use AD DS options to perform actions such as installing, configuring and updating 5 00:00:29,740 --> 00:00:39,100 applications, managing the security infrastructure, enabling Remote Access Service and DirectAccess, 6 00:00:39,100 --> 00:00:43,710 and issuing and managing digital certificates. 7 00:00:43,720 --> 00:00:52,960 One of the most used AD DS features is Group Policy, which allows you to configure centralized policies 8 00:00:52,960 --> 00:00:57,790 for managing most objects in AD DS. 9 00:00:57,820 --> 00:01:06,100 Understanding the various AD DS components is important for using Group Policy successfully. 10 00:01:06,130 --> 00:01:12,610 We'll talk about implementing group policies a bit later in more detail. 11 00:01:12,610 --> 00:01:18,430 But for now, let's take a closer look at logical components of AD DS. 12 00:01:18,430 --> 00:01:27,730 AD DS logical components are structures that you use to implement an Active Directory design that is 13 00:01:27,730 --> 00:01:30,250 appropriate for an organisation. 14 00:01:30,250 --> 00:01:34,630 As you can see, they have logical components and physical components. 15 00:01:34,630 --> 00:01:37,360 Let's see what logical components are. 16 00:01:37,390 --> 00:01:47,470 Partition. A partition, or naming context, is a portion of the Active Directory database. 17 00:01:47,470 --> 00:01:55,540 By the way, I advise you to remember all these names because they are very crucial for understanding 18 00:01:55,540 --> 00:01:57,760 how Active Directory works. 19 00:01:57,760 --> 00:01:59,770 So back to partition. 
20 00:01:59,770 --> 00:02:09,930 Although the database is one file named ntds.dit, different partitions contain different data. 21 00:02:09,940 --> 00:02:16,270 For example, the schema partition contains a copy of the Active Directory schema. 22 00:02:16,300 --> 00:02:24,820 The configuration partition contains the configuration objects for the forest, and the domain partition 23 00:02:24,820 --> 00:02:32,230 contains the users, computers, groups and other objects specific to the domain. 24 00:02:32,230 --> 00:02:41,410 Copies of a partition can be stored on multiple domain controllers and updated through directory replication. 25 00:02:41,530 --> 00:02:45,040 Let's move on and take a look at schema. 26 00:02:45,070 --> 00:02:55,840 Schema is the set of definitions of the object types and attributes that you use to define the objects 27 00:02:55,840 --> 00:02:58,030 created in Active Directory. 28 00:02:58,060 --> 00:03:00,340 Next one is domain. 29 00:03:00,370 --> 00:03:08,560 A domain is a logical administrative container for objects such as users and computers. 30 00:03:08,560 --> 00:03:18,760 A domain maps to a specific partition and can be organized with parent-child relationships to other 31 00:03:18,760 --> 00:03:19,580 domains. 32 00:03:19,600 --> 00:03:22,140 Next up, we have domain tree. 33 00:03:22,210 --> 00:03:30,850 A domain tree is a hierarchical collection of domains that share a common root domain and a contiguous 34 00:03:30,940 --> 00:03:34,990 Domain Name System, or DNS, namespace. 35 00:03:35,020 --> 00:03:37,120 Next up is forest. 36 00:03:37,150 --> 00:03:45,790 A forest is a collection of domains that share a common AD DS root and schema, which have a two- 37 00:03:45,790 --> 00:03:47,830 way trust relationship. 38 00:03:47,980 --> 00:03:49,720 Then we have a site. 
39 00:03:49,750 --> 00:03:59,590 A site is a container for AD DS objects, such as computers and services, that are specific to their physical 40 00:03:59,590 --> 00:04:00,570 location. 41 00:04:00,580 --> 00:04:08,170 This is in comparison to a domain, which represents the logical structure of objects such as users 42 00:04:08,170 --> 00:04:11,020 and groups in addition to computers. 43 00:04:11,020 --> 00:04:14,050 Next, we have a subnet. 44 00:04:14,110 --> 00:04:22,540 A subnet is a portion of the network IP addresses of an organization assigned to computers 45 00:04:22,540 --> 00:04:33,310 in a site. A site can have more than one subnet, so a site is computers in a physical location and a subnet 46 00:04:33,340 --> 00:04:43,210 is IP addresses assigned to these computers, and a site can have more than one subnet. 47 00:04:43,240 --> 00:04:52,120 Next up, we have OU. An OU is a container object for users, groups and computers that provides a 48 00:04:52,120 --> 00:05:01,240 framework for delegating administrative rights and administration by linking Group Policy Objects, 49 00:05:01,240 --> 00:05:02,500 or GPOs. 50 00:05:02,500 --> 00:05:05,770 So OUs are created to make an administrator's 51 00:05:06,010 --> 00:05:16,210 life easier. Instead of administering users or computers or groups one by one, you organize them together 52 00:05:16,210 --> 00:05:19,100 in OUs, which is a container. 53 00:05:19,120 --> 00:05:22,360 And the last one is container. 54 00:05:22,450 --> 00:05:29,210 A container is an object that provides an organizational framework for use in AD DS. 55 00:05:29,230 --> 00:05:35,530 As some containers are created by default, you can create custom containers. 56 00:05:35,530 --> 00:05:40,000 Containers cannot have GPOs linked to them. 
57 00:05:40,000 --> 00:05:50,110 So the thing is, in this way you can manipulate and do some actions with OUs, and you cannot do anything 58 00:05:50,110 --> 00:05:54,310 with a container, like applying any policies on it. 59 00:05:54,340 --> 00:06:00,220 Now besides logical components, we've got physical components. 60 00:06:00,220 --> 00:06:02,680 We've got a domain controller. 61 00:06:02,710 --> 00:06:06,760 It contains a copy of the AD DS database. 62 00:06:06,760 --> 00:06:15,460 For most operations, each domain controller can process changes and replicate the changes to all the 63 00:06:15,460 --> 00:06:17,110 other domain controllers 64 00:06:17,110 --> 00:06:20,250 in the domain. We've got the data store. 65 00:06:20,350 --> 00:06:26,110 A copy of the data store exists on each domain controller. 66 00:06:26,140 --> 00:06:36,310 The Active Directory database uses Microsoft Jet database and stores the directory information in the 67 00:06:36,310 --> 00:06:37,020 ntds.dit 68 00:06:37,030 --> 00:06:42,280 file and associated log files. 69 00:06:42,280 --> 00:06:54,100 The default folder for these files is C:\Windows\NTDS. 70 00:06:54,100 --> 00:07:02,560 So if you want, you can go right now and find this folder where all the files are kept, in case you've 71 00:07:02,560 --> 00:07:08,290 got a running domain controller at hand. And let's move on. 72 00:07:08,290 --> 00:07:14,350 We've also got the global catalog server as a physical component. 73 00:07:14,440 --> 00:07:23,260 A global catalog server is a domain controller that hosts the global catalog, which is a partial read- 74 00:07:23,260 --> 00:07:28,570 only copy of all the objects in a multiple-domain forest. 75 00:07:28,750 --> 00:07:36,880 A global catalog speeds up searches for objects that might be stored on domain controllers in different 76 00:07:36,880 --> 00:07:39,190 domains in the forest. 
77 00:07:39,190 --> 00:07:49,330 And the last component is the read-only domain controller, or RODC. An RODC is a special read-only installation 78 00:07:49,330 --> 00:07:51,430 of AD DS. RODCs 79 00:07:51,430 --> 00:07:57,130 are common in branch offices where physical security is not optimal, 80 00:07:57,160 --> 00:08:04,180 IT support is less advanced than in the main corporate centers, or line-of-business 81 00:08:04,180 --> 00:08:07,420 applications need to run on a domain controller.