Overview of Windows 2003 OS and Directory Services

Overview of Windows Server 2003 Operating System and Directory Services
Md. Shihab Uddin Khan
Associate Professor
BIBM

Overview of Windows Server 2003

A multipurpose operating system with integrated support for client/server and peer-to-peer networks.
More secure, more reliable, more available and easier to administer than any previous version of Windows.
Microsoft released four editions of Windows 2003:
Windows 2003, Web Edition
Windows 2003, Standard Edition
Windows 2003, Enterprise Edition
Windows 2003, Datacenter Edition

Features of Windows Server 2003 Web Edition

Designed specifically for Web services.

Easy deployment of Web pages, Web sites, Web applications, and Web services.

Supports 2 gigabytes (GB) of RAM and a two-way symmetric multiprocessor (SMP).

Provides unlimited anonymous web connections.

The server cannot be a DHCP or fax server.

Although you can remotely administer the server with Remote Desktop, the server cannot be a terminal server.

Cannot be a domain controller.

Features of Windows Server 2003, Standard Edition

This flexible server is the ideal choice for small businesses and departmental use.

Internet Authentication Service (IAS)

Internet Connection Sharing (ICS).

Offers secure Internet connectivity.

Allows centralized desktop application deployment.

4-way symmetric multiprocessing (SMP).

4 gigabytes (GB) of RAM.

Features of Windows Server 2003, Enterprise Edition

Designed for medium to large businesses.

It is the platform of choice for applications, Web services, and infrastructure, delivering high reliability, performance & superior business value.

8-way symmetric multiprocessing (SMP).

Eight-node clustering.

Supports up to 32 GB of RAM with the 32-bit version.

The 64-bit version supports up to 64 GB of RAM.

Includes Windows System Resource Manager to facilitate consolidation and system management.

Features of Windows Server 2003, Enterprise Edition

Figure: Two-node Server cluster running Windows Server 2003, Enterprise Edition

Features of Windows Server 2003 Datacenter Edition

It is built for business-critical and mission-critical applications that demand the highest levels of reliability, availability, and scalability.

Supports up to 32-way SMP and 64 GB of RAM with the 32-bit version.

Supports up to 64-way SMP and 512 GB of RAM with the 64-bit version.

Provides both eight-node clustering and load balancing services as standard features.

Features of Windows Server 2003, Datacenter Edition

Figure: Four-node Server cluster running Windows Server 2003 Datacenter Edition

Networking Model

Workgroup Model

Domain Model / Client Server Model

Workgroup Model

A logical grouping of networked computers that share resources, such as files and printers.
It is referred to as a peer-to-peer network.
Each computer in the workgroup runs either Windows 2k Server, Windows 2k Professional, Windows 2003 Server or Windows XP Professional.
Each computer maintains a local security database.
The administration of user accounts and resource security is decentralized.

Workgroup Model

Figure: a workgroup of four computers (Windows 2k Server, Windows XP Professional, Windows 2k Professional, Windows 2003 Server), each with its own Local Security Database.

Disadvantage of using Workgroup

A user must have a user account on each computer to which he or she wants to gain access.
Any change to user accounts, such as changing a user's password or adding a new user account, must be made on each computer in the workgroup.
Device and file sharing is handled by individual computers, and only for the users that have accounts on each individual computer.

Domain Model

A logical grouping of networked computers that share a central directory database.
A directory database contains user accounts and security information for the domain.

Domain Model

Figure: a domain with a Domain Controller, a Member Server and two Client Computers.

The Windows 200X domain model has the following types of computers:

Domain Controller: A domain controller is a computer running Windows 200X Server that stores and maintains a copy of the directory (AD Database). In a domain you create a user account once, which Windows 200X records in the directory.
When a user logs on to a computer in the domain, a domain controller checks the directory for the user name, password, and logon restriction to authenticate the user.
Administrators can manage user accounts, network access, shared resources, site topology, and other directory objects from any domain controller in the forest.

The Windows 200X domain model has the following types of computers:

Member Server: A member server is a server that is not configured as a Domain Controller. A member server does not store directory information and cannot authenticate domain users. Member servers provide shared resources such as shared folders and printers. A member server can also act as an application server.
Client Computer: Client computers run the user's desktop environment and allow the user to gain access to resources in the domain.

Directory Service
A directory service is a network service that stores
information about network resources and makes
that information available to users and
applications. It enables the user to find an object
when given any one of its attributes.
Active Directory is the directory service in the Windows Server 200X family.

Benefits
DNS integration
Scalability
Centralized management
Delegated administration

Active Directory

The Windows-based directory service. Active Directory stores information about objects on a network and makes this information
available to users and network administrators.
Active Directory gives network users access to permitted resources
anywhere on the network using a single logon process. It provides
network administrators with an intuitive, hierarchical view of the
network and a single point of administration for all network objects.
Directory : An information source that contains information about
users, computer files, or other objects. In a file system, a directory
stores information about files. In a distributed computing
environment (such as a Windows domain), the directory stores
information about objects such as printers, fax servers,
applications, databases, and other users.


Active Directory Terms

Figure labels: Forest; Tree; Domain; Organizational Units (OU) in a domain. Domains shown: bibm.com, ctg.bibm.com, dhaka.bibm.com, mirpur.dhaka.bibm.com.

DNS and Active Directory Namespaces

Figure: the DNS namespace (Internet DNS root domain ".", com., microsoft, training, sales, computer1) beside the Active Directory namespace (microsoft.com, training.microsoft.com, sales.microsoft.com). Legend: DNS node (domain or computer); Active Directory domain.

DNS Host Names and Windows 2003 Computer Names

DNS host record and Active Directory object represent the same physical computer.

DNS allows computers to locate domain controllers within Active Directory.

Figure: computer1 in the DNS namespace (., com., microsoft, sales, training, computer1) and in Active Directory (training.microsoft.com, with the Builtin container and the Computers container holding Computer1 and Computer2).

FQDN = computer1.training.microsoft.com
Windows 2003 Computer Name = Computer1

Domain, Tree and Forest


Domain: A domain is a collection of computers, users, organizational units and groups defined by an administrator, which share a common directory database and security settings.
A domain has a unique name and provides access to the centralized user accounts and group accounts maintained by the domain administrator. Example: bibm.com.

Domain, Tree and Forest


Tree: A tree is a hierarchical arrangement of one or
more domains that share a contiguous namespace.
When you add a domain to an existing tree, the new
domain is a child domain of an existing parent
domain. The name of the child domain is combined
with the name of the parent domain.
All domains within a single tree share a common
schema and global catalog.
Every child domain has a two-way, transitive trust
relationship with its parent domain.


Schema, Global Catalog, Object Class

Object: An entity, such as a file, folder, shared folder, printer, or Active Directory
object, described by a distinct, named set of attributes. For example, the
attributes of a File object include its name, location, and size; the attributes of an
Active Directory User object might include the user's first name, last name, and
e-mail address.
Object Class: A distinct, named set of attributes that represents a specific type
of entity stored in the directory, such as users, printers, or applications. The
attributes include data describing the thing that is identified by the directory
object. Attributes of a user might include the user's first name, last name, and e-mail address.
Attributes: For files, information that indicates whether a file is read-only,
hidden, ready for archiving (backing up), compressed, or encrypted, and
whether the file contents should be indexed for fast file searching. In Active
Directory, a property of an object. For each object class, the schema defines
which attributes an instance of the class must have and which additional
attributes it might have.


Schema, Global Catalog, Object Class

Schema: The set of definitions for the universe of objects that can be
stored in a directory. For each object class, the schema defines which
attributes an instance of the class must have, which additional attributes it
can have, and which other object classes can be its parent object class.
Global Catalog: A directory database that applications and clients can
query to locate any object in a forest. The global catalog is hosted on one
or more domain controllers in the forest. It contains a partial replica of
every domain directory partition in the forest. These partial replicas
include replicas of every object in the forest, as follows: the attributes
most frequently used in search operations and the attributes required to
locate a full replica of the object.
In Microsoft Provisioning System, the Exchange server maintains a list of
global catalogs, and it maintains a load balance across global catalogs.


Domain, Tree and Forest


Forest: A forest is one or more trees. The trees in a forest do not share a
contiguous namespace. All trees in a forest share a common
schema and global catalog.
Every tree root domain has a transitive trust relationship with
the forest root domain.
Each tree in a forest has its own unique namespace.
One or more Active Directory domains that share the same
class and attribute definitions (schema), site and replication
information (configuration), and forest-wide search capabilities
(global catalog). Domains in the same forest are linked with
two-way, transitive trust relationships.
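
The tree, forest and DNS-namespace rules above, as an added example (not from the original slides): Python that groups domain names into trees by contiguous namespace, lists the chain of direct trusts linking two domains, and derives each domain's distinguished name and DC-locator SRV name. example.org is a hypothetical second tree root, all function names are illustrative, and the `_ldap._tcp.dc._msdcs` record name is standard Active Directory behaviour rather than something the slides state.

```python
# Constructed sample: the domain names on the slide's tree diagram, plus a
# hypothetical second tree root (example.org) to show a non-contiguous namespace.
FOREST_ROOT = "bibm.com"
DOMAINS = ["bibm.com", "ctg.bibm.com", "dhaka.bibm.com",
           "mirpur.dhaka.bibm.com", "example.org"]

def parent_domain(domain, domains=DOMAINS):
    """Nearest ancestor in the contiguous namespace, or None for a tree root."""
    labels = domain.split(".")
    for i in range(1, len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in domains:
            return candidate
    return None

def trees(domains=DOMAINS):
    """Group domains by tree root (one tree per contiguous namespace)."""
    grouped = {}
    for d in domains:
        root = d
        while parent_domain(root, domains):
            root = parent_domain(root, domains)
        grouped.setdefault(root, []).append(d)
    return grouped

def trust_path(src, dst, domains=DOMAINS, forest_root=FOREST_ROOT):
    """Chain of direct two-way trusts linking src to dst (child-parent and
    tree-root to forest-root), which transitivity turns into one trust."""
    def up(d):  # walk from d up to the forest root
        chain = [d]
        while chain[-1] != forest_root:
            chain.append(parent_domain(chain[-1], domains) or forest_root)
        return chain
    a, b = up(src), up(dst)
    while len(a) > 1 and len(b) > 1 and a[-2] == b[-2]:
        a.pop()  # drop shared ancestors above the meeting point
        b.pop()
    return a + b[-2::-1]

def distinguished_name(domain):
    """DNS domain name -> Active Directory distinguished name."""
    return ",".join("DC=" + label for label in domain.split("."))

def dc_locator_record(domain):
    """SRV name a client queries in DNS to find a domain controller."""
    return "_ldap._tcp.dc._msdcs." + domain
```

The trust path from mirpur.dhaka.bibm.com to example.org passes through the forest root, which shows why an account in any domain of the forest can be granted access in any other: access reviews need to cover the whole forest, not a single domain.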


OU, Groups & Users

Figure: a Domain containing Organizational Unit 1 and Organizational Unit 2.

OU, Groups & Users


Organizational Unit: A container object that you use to organize objects (user accounts, groups, computers, printers and other OUs) within a domain.

OU, Groups & Users

Figure: Group and User objects inside an Organizational Unit.
