Manage Active Directory Infrastructure - Part 2
Welcome to the "Manage Active Directory Infrastructure - Part 2" Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.
Welcome to the Manage Active Directory Infrastructure - Part 2 Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.
In this module, you will complete the following exercises:
- Exercise 1 - Install Additional Domain Controller
- Exercise 2 - Manage Sites and Active Directory Replication
- Exercise 3 - Examine Active Directory Partitions
After completing this lab, you will be able to:
- Create an additional domain controller in an existing domain
- Create a new site
- Associate new and existing sites with a subnet
- Schedule replication between two Active Directory sites in the same domain
- Verify replication between two Active Directory sites in the same domain
- Examine Active Directory Schema partition
- View Active Directory Configuration partition
- View Active Directory Domain partition
The following exam objectives are covered in this lab:
- Understand Active Directory Infrastructure - Namespace or directory partitions, sites, replication, schema
It will take approximately 60 minutes to complete this lab.
Exercise 1 - Install Additional Domain Controller
To ensure high availability of Active Directory Domain Services, additional domain controllers must be installed in other locations of the company’s network. By having a domain controller in other places, administration of AD will be efficient as changes in the AD data is replicated to the other domain controllers owned by the organization. This means that user authentication is processed by the nearest domain controller in the organization’s network therefore ensuring fast and efficient user logins.
You will notice that this exercise is repeat of Module 9. The installation of an additional domain controller is essential to be able to understand Active Directory replication, manage sites and the naming contexts (partitions) of the Active Directory database.
Exercise 2 - Manage Sites and Active Directory Replication
In managing a physical network, a site represents a set of servers, computers and other devices connected by a high-speed network such as local area network (LAN). All devices connected to the physical site are located in the same office building or a campus network.
In Active Directory Domain Services (AD DS), a site is a logical representation of the physical site that administrators manage to control replication traffic of AD DS data such as schema, configuration and domain between domain controllers within an AD DS forest. With Active Directory Sites and Services, you can manage the objects that represent the site and the domain controllers located in those sites.
Exercise 3 - Examine Active Directory Partitions
Active Directory Domain Services (AD DS) data maintains information called a directory partition or naming context. The naming context is a compartmentalized portion of the AD DS data that is replicated to all domain controllers in the same AD forest.
An AD forest is an instance of Active Directory composed of domain trees that do not form an adjacent namespace. Domain trees in a forest share a common schema, configuration and global catalog information. The schema partition provides the definition of object classes (types) such as user, group, organizational unit, subnets, sites and others. The schema likewise indicates the attributes (properties) for each object type in Active Directory. The schema is replicated to all domain controllers that belong to the same Active Directory forest.
The configuration partition contains information about the topology of network services such as directory service, domain controllers, sites among others. Similarly, the configuration partition is replicated to all domain controllers in the same Active Directory forest.
The domain partition holds information about users, security groups, computers and organizational units. These are replicated to all domain controllers within a specific domain.
The application partition stores information about applications in Active Directory. An example, is the AD integrated zones in Domain Name System is stored in this partition or naming context.
This exercise will introduce a number of tools for managing these AD partitions such as Active Directory Schema console for viewing objects and their corresponding properties. ADSI Edit for viewing Configuration and Domain naming contexts of Active Directory.
IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.
See the full benefits of our immersive learning experience with interactive courses and guided career paths.