Tuesday, June 21, 2011

How to view forest and domain functional levels

To viewing the forest and domain functional level in the active directory.

Step 1 :- Open the active directory users and computers mmc snap in console. By executing the                 command dsa.msc .
Step2 :-   Right click on the root domain and click properties. now domain properties will open. From             there we can view the domain and forest functional levels under in the general tab.

We can view the information from windows xp and windows server. In windows xp , windows 2003 support should be installed to view the information .For more information watch the below video.

Friday, June 10, 2011

Active Directory – Container objects


Container Objects:-

1. Forest
2. Domain Trees
3. Domains
4.  OU’s

             The largest container objects with active directory are forest. The forest container defines the fundamental security boundary within the Active directory. Which means that users can access resources across an AD forest using the single logon / password combination additional logon would be?
Required to access resources across more than one forest.
             To improve the efficiency of active directory, it divides information into multiple partitions also called naming contexts (NCs). Each domain controller copies of the ntds.dit database file will contain a minimum of three Naming contexts. The following two naming context are replicated forest-wide and are thus stored in the ntds.dit file on every domain controller in a forest.

1.       Schema NC (or) Schema Partition
2.       Configuration partition (or) configuration NC

Schema NC:-

                The schema partition or schema NC contains the rules and definitions that are used for creating and modifying object classes and attributes within active directory.

Configuration Partition:-

                The configuration partition or configuration NC contains the information regarding the physical topology of the network as well as other configuration data that must be replicated throughout the forest.
          Because the schema NC is replicated forest wide, each AD forest has a single schema that is shared by every domain and domain tree within the forest. The information in the configuration NC is similarly shared by all domains in a single forest.
                Each domain controller also stores a copy of the domain NC, which is replicated to each DC within a single domain. The domain NC consists of users, computer and other resources information for a particular active directory domain.

In my next post I will explain about components of Domain trees, domains and OU’s.