Shulou(Shulou.com)06/02 Report--

Build a domain environment

Domain and active Directory

Domain environment: centralized management, unequal status, hierarchical, with servers (domain controllers)

Domain: logically organizes multiple computers in a network to achieve centralized management. This environment is called a domain.

Domain controller (domain controller): centrally stores user accounts and security databases for the entire domain (at least one per domain)

Active Directory (active directory)

Directory Service in Windows Network

Provides a way to store network object information and enable network users to use the data

Features: centralized management and convenient access to network resources (user / group accounts, shared folders, printers, etc.)

Users only need to log in once to access the entire domain network

Expandability

Domain tree and domain forest

Domain tree: multiple domains with contiguous domain name space

Forest: composed of one or more domain trees

Root domain of the forest: the root domain of the first domain tree directory

Create AD

Environmental requirements:

High hardware configuration

The system is the server version

Administrator permissions

Disk space

Network Unicom

Disk format:

Support for ntfs

Dns support

Steps:

Https://jingyan.baidu.com/article/4e5b3e19f3063191911e2463.html

Join domain: client sets DNS, computer properties change

Cmd:Uslookup domain name resolution command

Cmd:dsa.msc opens domain users

Create a domain user:

Login is the only one in the domain

Display name is the only one in the container

Bind a domain user to a dedicated computer-- user properties-- account-- log in-- enter the computer name

Type of group:

Security group: the setting of user permissions, which can also be used for e-mail communication

Distribution groups: communication for mail

The role of the group is to:

Local domain groups: for this domain

Global: for the entire forest and trust domain

Common group: for the entire forest and trust domain

Trust domain:

Permission assignment rules: the AGDLP domain account joins the global group, then adds the global group to the local domain group, and then assigns permissions to the local domain group.

Organizational unit OU

Containers: effective organization of active directory objects

Design method: according to department, according to geographical location, based on object type

Create, right click to create

Delete cancel the accidental deletion option in View-Advanced Features-right-click to delete object properties.

Assignment:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.