
Robert Clayton Active Directory Mrs. D

Exploring Directory Services

AD FS is composed of three different server components: Federation Server, Federation Proxy server, and AD FS Web Agents. A federation server is the main AD FS component, which holds the Federation Service role (http://technet.microsoft.com/en-us/library/cc755080%28v=ws.10%29.aspx). These servers route authentication requests between connected directories. A federation proxy server acts as a reverse proxy for AD FS authentication requests (http://support.sas.com/rnd/itech/doc9/dev_guide/ldap/ldapovew.html).

The Active Directory Lightweight Directory Services server role is a Lightweight Directory Access Protocol directory service (Windows Server 2008 Active Directory Configuration by Microsoft). It provides data storage and retrieval for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services.

Active Directory Certificate Services provides customizable services for issuing and managing public key infrastructure (PKI) certificates used in software security systems that employ public key technologies. The digital certificates that AD CS provides can be used to encrypt and digitally sign electronic documents and messages (Windows Server 2008 Active Directory Configuration by Microsoft). These digital certificates can be used for authentication of computer, user, or device accounts on a network. Digital certificates are used to provide confidentiality through encryption, integrity through digital signatures, and authentication by associating certificate keys with computer, user, or device accounts on a computer network.

Active Directory Rights Management Services provides services to enable the creation of information-protection solutions. It will work with any AD RMS-enabled application to provide persistent usage policies for sensitive information. Content that can be protected by using AD RMS includes intranet Web sites, e-mail messages, and documents (http://support.sas.com/rnd/itech/doc9/dev_guide/ldap/ldapovew.html). AD RMS includes a set of core functions that allow developers to add information protection to the functionality of existing applications.

A directory is a specialized database that is designed to retrieve information quickly and securely. It is optimized for read access because the type of information in the directory is searched often, but changes infrequently. For example, a user name that you add for a new employee is not likely to change for the entire period of employment. Information about the services, resources, users, and other objects that are accessible from the applications is organized as a collection of individual entries that contain information about each resource. To make accessing these entries as efficient as possible, they are organized in a hierarchy called the Directory Information Tree (DIT). "The following diagram shows an example of a DIT:

The root of the tree is typically a country (C) followed by an organization (O). For example, in the figure above, the root of the tree is o=Alphalite Airways, c=US. One or more organizational units (OU) typically appear below the root. These are container objects in that they can contain other directory entries. Directory entries that store information about a specific resource are referred to as leaf objects and they are added to the tree under an existing container object. The path to each entry in the tree is called its distinguished name (DN), and each DN in the tree is unique. For example, using the DIT in the figure above, the DN for the Airplane Maintenance Department of Alphalite Airways would be ou=Planes, ou=Maintenance, o=Alphalite Airways, c=US." (http://support.sas.com/rnd/itech/doc9/dev_guide/ldap/ldapovew.html)

The advantages of directory services are faster authentication of users in the domain, faster authentication of resources (gps etc) for the users, utilization of resources, and utilization of the network with a decrease in overall network traffic. The main benefit is user and password management, which could grow into a massive amount of work if accounts had to be managed individually on each independent server. The proposed change of migrating the whole platform to an Active Directory environment will assist in propagating changes to the servers. The disadvantages are the cost of infrastructure, the need for good planning, and a complex structure for the user.

Alternative Active Directory design options include: Single-forest, single-domain - Shared; Single-forest, single-domain - Dedicated; Single-forest, multiple-domains; Multiple-forests - Super Admin domain; Multiple-forests - Super Admin forest ("msdn.microsoft.com/en-us/library/.../aa746434(v=vs.85).aspx").

Remote data recovery uses powerful, proven methods to recover your critical files safely and securely while saving you time and money. Remote data recovery can also recover lost data, including deleted files, damaged or deleted partitions, format, Fdisk, corrupt or missing operating system files, corrupt files, or missing partitions. A remote data recovery is when a technician accesses your hard drive via the internet to help recover your deleted or damaged files. A technician will not access your hard drive without your consent and permission (Windows Server 2008 Active Directory Configuration by Microsoft).

A local data recovery is when you take your hardware, mainly your hard drive, to a technician or Geek Squad to recover your deleted or damaged files. Local data recovery is the salvaging of data originally stored on media such as magnetic disks and tapes and which has become corrupt or inaccessible... Data is stored on media like hard disks, RAID configurations of hard disks, magnetic disks, tapes, CDs, DVDs, floppy disks and other storage media. Data gets damaged or goes missing in a variety of ways, from virus attacks to improper storage of the media to accidents like floods. It could also simply have been erased. Very often a large percentage of this data can be recovered using a variety of techniques.

The skills and experience gained by managing and configuring services are great to have. You can build, tear down, implement and secure all files on any given domain within the inter-networked environment for a company or for a home server.

Being able to modify the server to suit the needs of the consumer or client is key to properly managing and configuring the servers. Using this knowledge will allow me to become an asset to a company that is looking to implement a new structure within its business or even revamp an existing one to make it run more effectively for the users within the company.
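The distinguished name from the DIT passage above can be handled in code. The following is an added example, not part of the original essay or its sources: it splits that DN into its components, takes the parent container, and escapes a constructed untrusted value per RFC 4514 so it cannot introduce extra components. All function and variable names are hypothetical; multi-valued RDNs (`+`) and non-ASCII hex escapes are not handled.

```python
import re

PAGE_DN = "ou=Planes, ou=Maintenance, o=Alphalite Airways, c=US"  # DN quoted in the essay
MUST_ESCAPE = '"+,;<>\\'   # RFC 4514 special characters

def escape_rdn_value(value):
    """Escape one attribute value so it cannot add or split RDNs."""
    out = []
    for i, ch in enumerate(value):
        edge = (ch == " " and i in (0, len(value) - 1)) or (ch == "#" and i == 0)
        if ch == "\x00":
            out.append("\\00")
        else:
            out.append("\\" + ch if ch in MUST_ESCAPE or edge else ch)
    return "".join(out)

def unescape_rdn_value(value):
    """Undo \\XX (ASCII hex pair) and \\<char> escapes."""
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)",
                  lambda m: chr(int(m[1], 16)) if len(m[1]) == 2 else m[1], value)

def parse_dn(dn):
    """Split a DN on unescaped commas into (attribute, value) pairs, leaf first."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]      # an escape pair stays together
        i += step
    parts.append(cur)
    rdns = []
    for part in parts:
        attr, eq, value = part.partition("=")
        if not eq or not attr.strip():
            raise ValueError(f"malformed RDN: {part!r}")
        value = re.sub(r"(?<!\\) +$", "", value.lstrip())  # keep an escaped trailing space
        rdns.append((attr.strip().lower(), unescape_rdn_value(value)))
    return rdns

def build_dn(rdns):
    return ",".join(f"{attr}={escape_rdn_value(val)}" for attr, val in rdns)

# Constructed untrusted value: concatenated unescaped, it would read as two RDNs.
UNTRUSTED = "Planes,ou=Admins"
PARENT = parse_dn(PAGE_DN)[1:]          # container above the leaf entry
SAFE_DN = build_dn([("ou", UNTRUSTED)] + PARENT)
```

Plain string concatenation of `UNTRUSTED` yields a DN with five components, while `SAFE_DN` keeps four and round-trips the original value as a single `ou`.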

Bibliography

http://technet.microsoft.com/en-us/library/cc755080%28v=ws.10%29.aspx

http://support.sas.com/rnd/itech/doc9/dev_guide/ldap/ldapovew.html

Windows Server 2008 Active Directory Configuration by Microsoft.
