Erstellt von maxwell3254
vor mehr als 9 Jahre
|
||
the process of keeping each domain controller in synch with changes that have been made elsewhere on the network
interoperability with prior versions of Microsoft Windows is available in Windows Server 2008
The largest container object within Active Directory
References an object in the Active Directory structure using its entire hierarchial path, starting with the object itself including all parents objects up to the root of the domain
has been Active Directory's default name resolution method
Are the locator records within DNS that allow clients to locate an Active Directory domain controller or global catalog
the functional level allows no backward compatibility. Only Windows server 2008 domain controllers are supported
this level allows backward compatibility with Microsoft Windows 2000
this functional level allows Windows Server 2003 and Windows Server 2008 domain controllers only
transitive in nature and they can be configured as either a one-way or two-way relationship
adds a domain controller to an existing environment and adds a new domain tree to an existing forest
the process of replicating DNS information from one DNS server to another
the process of removing records that were not refreshed or updated within specified time intervals, which will occur naturally with machines that are removed from the network
necessary for computer hostname-to-IP address mappings, which are used for for name resolution by a variety of services
DNS resolves the IP address to a host name
a special installation option that creates a minimal environment for running only specific services and roles
can be used to shorten the "Tree-walking" process for users who require frequent access to resources elsewhere in the forest
allows you to create two-way transitive trusts between separate forests
used to configure a one-way nontransitive trust with a Windows 2000 domain or a single domain in a external organization
allow you to configure trust relationships between Window Server 2008 Active Directory and a UNIX MIT Kerberos realm
Active Directory uses this to control replication traffic
Domain controllers that reside within the same site
Domain controllers located in different sites
Active Directory installation wizard which you can see in the Active Directory Sites and Services tool
INTERSITE REPLICATION PRIMARY GOAL
BOTH INTRASITE AND INTERSITE REPLICATION USE THIS
acts as a central repository by holding a complete copy of all objects from the host server's local domain along with a partial copy of all objects from other domains within the same forest
WHEN A USER INITIATES A SEARCH FOR AN OBJECT IN ACTIVE DIRECTORY THE REQUEST IS AUTOMATICALLY SENT TO THIS PORT
TRUE/FALSE
each site should contain a global catalog server to facilitate user logons
responsible for assigning relative identifiers to domain controllers in the domain
responsible for reference updates from its domain objects to other domains
provides backward compatibility with Microsoft Windows NT 4.0 domains. Password changes, account lockouts, and time synchronization for the domain will also be managed by this
RID, infrastructure master, and PDC emulator
Domain naming master and schema master
responsible for managing changes to the Active Directory
has the authority to manage the creation and deletion of domains, domain trees, and application data partitions in the forest
process is used when you move a FSMO role gracefully from one domain controller to another
procedure is used only when you have experienced a failure of a domain controller that holds a FSMO role. Seizing a role can be defined as forced, ungraceful transfer
view the RID Master, PDC Emulator, or Infrastructure Master
to view the Schema Master
to view Domain Naming Master (DNS)
is the process of confirming a user's identity using a known value such as a password, smart card, or biometric means
the process of confirming that an authenticated user has the correct permissions to access one or more network resources
accounts used to access the local computer only and are stored in local Security Account Manager (SAM) database where they reside
these accounts are used to access Active Directory or network based resources, such as shared folders or printers
these accounts are automatically created when Microsoft Windows Server 2008 is installed
describes the process of configuring one or more groups as members of another group
security-related groups created for purposes of granting resource access permissions to multiple users
nonsecurity-related groups created for the distribution of information to one or more persons
controls which objects the group can contain, limiting the objects to the same domain or permitting objects from remote domains as well, and controls the location in the domain or forest the group can be used
can be used to grant or deny permissions to any resource located in any domain in the forest
used to assign permissions to resources that reside only in the same direction as the domain local group
ALL DEFAULT GROUPS ARE....
you cannot manually modify the group membership, nor can you view their membership lists
is a special identity group that contains all authenticated users and domain guests
used to import or export Active Directory information from a comma-separated value (.csv) file.
can be used to add, delete, or modify objects in Active Directory, in addition to modifying the schema
can be used to create, delete, view, and modify Active Directory objects including users, groups, and OUs
an alphanumeric sequence of characters that you enter with a username to access a server, workstation, or shard resource
an attempt to discover a user's password
password cracking can be accomplished by intelligent guessing on the part of the hacker or through the use of automated tools to try every possible combination of characters until correct sequence is discovered
Strong passwords are required when Active Directory is installed
you utilize a simple interface to delegate permissions for domains, OUs, or containers