Scribd
Upload
206 views

Abbreviations/Acronyms Expansion

This document provides information about Active Directory (AD), including its core components, features in different Windows Server versions, and new features in Windows Server 2016. It defines key AD terms like domain, domain controller, forest, and tree. It also describes the basic components of AD, including domains, domain controllers, forests, trees, and different types of groups in AD.

Uploaded by

Abhijeet Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
206 views

Abbreviations/Acronyms Expansion

This document provides information about Active Directory (AD), including its core components, features in different Windows Server versions, and new features in Windows Server 2016. It defines key AD terms like domain, domain controller, forest, and tree. It also describes the basic components of AD, including domains, domain controllers, forests, trees, and different types of groups in AD.

Uploaded by

Abhijeet Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

 List of Abbreviations/Acronyms

Abbreviations/Acronyms Expansion

AD Active Directory
OU Organization Unit
DC Domain Controller
ADDS Active Directory Domain Services
SNOW Service Now
NL Netherlands
SG Security Group
TCP Transmission Control Protocol
UDP User Define Protocol

 List of some Reference Link:

Reference Links: Purpose

https://docs.microsoft.com/en-us/windows-server For Windows Server


http://www.itingredients.com/non-authoritative-
restore-of-system-state-backup-in-windows-server- For Non-Authoritative restore of System
2012-r2/ State Backup.
http://www.itingredients.com/perform-authoritative-
restore-active-directory-objects-2012-r2/ For Authoritative Restore of AD Object.
https://social.technet.microsoft.com/wiki/contents/
articles/19037.active-directory-features-in-different-
versions-of-windows-server.aspx
1. Introduction

Active Directory is directory service developed by Microsoft and used to store objects like User,
Computer, Printer, Network information etc. It facilitates to manage your network effectively with
multiple Domain Controllers in different location with AD Database , able to manage/change AD from
any Domain Controllers and this will be replicated to all other DC’s , centralized Administration with
multiple geographical location and authenticates users and computers in windows domain.

2. Why Active Directory needed ?

Active Directory helps you organize your company’s users, computer, printers and
more. Active directory organizes information in a hierarchal manner using directories. These
directories can store a variety of information and can even be managed centrally via Domain
controllers, enabling anyone to access their user account from any machine on the LDAP or
AD enabled network. The main benefit of using Active directory is that information for an
entire organization can be consolidated into a central repository. Below are few benefits or
features of AD.

 Active Directory enables single sign-on (SSO) for user to access resources on the
network such as desktops , shared files , printers etc.
 Active Directory is more scalable and flexible for administration.
 Active Directory provides advanced security for entire network and network
resources.

2.2 Windows server 2016 and new features of windows server 2016

Below are some new features of windows server 2016


 Nano Server- Nano server is a stripped-down version of windows server developed by Microsoft
specifically for running cloud application and container. There is not any graphical user interface
and cannot able to serve as ADDS.

 PowerShell 5.1-PowerShell is a task automation and configuration management framework


which consist of command line shell and associated scripting language.

 Nested Virtualization-Nested Virtualization is a feature that allows you to run Hyper-V virtual
machine.

 Shielded VMs- Windows Server 2016 shielded VMs allow for much deeper, fine-grained control
over Hyper-V VM access.
 ADFS v4-ADFS v4 in Windows Server 2016 finally brings support for OpenID Connect-based
authentication, multi-factor authentication (MFA), and what Microsoft calls "hybrid conditional
access."

 Storage Spaces Direct-Storage Spaces is a cool Windows Server feature that makes it more
affordable for administrators to create redundant and flexible disk storage. Storage Spaces Direct
in Windows Server 2016 extends Storage Spaces to allow failover cluster nodes to use their local
storage inside this cluster, avoiding the previous necessity of a shared storage fabric.

Windows Server OS Previous Versions & Features

Below are different versions of windows servers and its AD features:

 Windows Server 2000


1. Support for FAT16, FAT32, and NTFS.
2. Encrypted file systems protect sensitive data.
3. Secure VPN (virtual private network) supports tunnelling into private LAN over the public
Internet.
4. Supports USB (Universal Serial Bus) and IEEE 1394 for greater bandwidth devices.
5. Active Directory improves manageability, enables security, and extends interoperability with
other operating systems.
6. Supports COM+ to run component-based applications, integrated Web applications, and
message-queuing services.

 Windows Server 2003


1. XML Web services.  IIS 6.0 security settings are enforced during setup by default to ensure
that only required services are running.
2. Directory services.  Active Directory security settings for users and network resources span
from the core to the edge of the network, helping you make a secure end-to-end network a
reality.
3. Update management.  The Auto Update feature provides the ability to systematically
download critical operating system updates, such as security fixes and security patches.
Administrators select when to install these critical operating system updates.
4. Internet firewall.  Connecting to the Internet is more secure with the built-in Internet
Connection Firewall.
5. Remote access.  Dial-up users can be quarantined via administrator policy. They can be
prevented from accessing the network until their system is verified to have administrator-
specified software, such as virus detection updates.

 Windows Server 2003 R2


1. Multiple selection of user objects
2. Drag and drop functionality Jump
3. Saved queries Jump
4. New Active Directory command-line tools, such as adprep.exe Jump
5. Application directory partitions Jump
6. Ability to add additional domain controllers by using backup media Jump
7. Universal group membership caching Jump
8. Secure Lightweight Directory Access Protocol (LDAP) traffic Jump

 Windows Server 2008


1. Auditing Improvements Jump
2. Fine-grained password policies Jump (requires Windows Server 2008 domain functional
level)
3. Read-only domain controllers Jump (requires Windows Server 2003 functional level)
4. Restartable Active Directory
5. AD database mounting tool Jump
6. DFSR replication of SYSVOL Jump (requires Windows Server 2008 domain functional level)
7. DSRM password sync Jump

 Windows Server 2008 R2


1. Active Directory Recycle Bin Jump (requires Windows Server 2008 R2 forest functional level)
2. Active Directory module for Windows PowerShell and Windows PowerShell cmdlets Jump
3. Active Directory Web Services Jump
4. Active Directory Administrative Centre Jump
5. Authentication mechanism assurance Jump
6. Offline domain join Jump
7. Managed Service Accounts Jump
8. New logic for bridgehead server selection Jump

 Windows Server 2012


1. Improved upgrade preparation and installation Jump
2. Dynamic Access Control Jump
3. AD FS built in as a server role Jump
4. Windows PowerShell History Viewer Jump
5. Fine-grained password Policy UI Jump
6. Active Directory Recycle Bin UI Jump
7. Active Directory Replication and Topology Windows PowerShell cmdlets Jump
8. Active Directory-based Activation Jump
9. Group Managed Service Accounts Jump
10. RID Improvements Jump

 Windows Server 2012 R2


1. Protected Users Security Group Jump
2. Authentication Policy and Authentication Policy Silos Jump
3 Basic component of Active Directory

3.1 Domain:
A domain is defined as a logical group of network objects (computers, users, devices) that share the
same Active Directory database.
Examples: manpowercn.com, manpower.it, manpowerin.co.in

3.2 Domain Controller:


The domain controller is a computer that runs a Windows Server operating system and holds the Active
Directory Domain Services role. The domain controller holds AD Database and all AD changes get
replicated to other DC and vice versa. A domain can have any number of domain controllers. Whenever a
DC is down or fail secondary DC will handle the request. Primary domain controller is important, it will
synchronize the time of all DC. The number of domain controllers is dependent on the enterprise's size,
geographical location, and network segmentation.
When a user need access or try to login, domain controller is the server which will verify and
authenticate the user and after that it will allow the access.
Example of Domain Controller: MPGCLWPGS0008.CORP.ROOT.GLOBAL

3.3 Forest:
An Active Directory Forest is a collection of one or more trees. A forest can consist of a single tree with a
single domain, or it can contain several trees, each with a hierarchy of parent and child domains.

Fig: Domain Forest


3.4 Tree:
A tree is a group of domains. Tree have a contiguous namespace in a domain that shares the same root
domain name. For example, the root domain is google.com and a possible contiguous namespace
is India.google.com.

3.5 Groups in AD:


The group is a collection of Active Directory objects. The group can include users, computers, other
groups and other AD objects.

3.5.1 Group type: Based on nature, group are of two types:

 Active Directory Security Groups. This type of group is used to provide access to resources based
on security purposes.

 Active Directory Distribution Groups. This type of group is used to create email distribution. This
type of group cannot be used to provide access to domain resources, because they are not
security enabled.

3.5.2 Group Scope: Based on use cases, group have three scope:

 Domain local - Used to only grant rights and permissions on resources in local domain. It can
contain Users, Global groups and Universal groups from any domain in forest.
 Global- It is used to grant rights and permissions to any resource in any domain in forest. It can
contain Users from anywhere in forest, Global groups from same domain.

 Universal- Used for forest-wide operations to allow rights and permission in any domain in
forest. It can contain Users, global groups, and other universal groups from any domain in forest.

You might also like