务实技术讲座系列如何部署 Exchange 2000 和 ISA 2000 构建应用内容安排 AD 和 exchange 2000 网络设计 连接 Internet 安全Active Directory 在企业中域和 OUs 组成层次化管理结构多个域可以组成 树 -Trees 森林 -ForestsForestObjectsDomainDomainDomainDomainDomainDomainTreeDomainDomainDomainDomainTreeDomainDomainOUOUOUOUOUOUActive Directory SchemaObjectClass ExamplesObjectClass ExamplesPrintersPrintersComputersComputersUsersUsersAttributes of Users Might Contain:Attributes of Users Might Contain:accountExpiresdepartmentdistinguishedNamemiddleNameaccountExpiresdepartmentdistinguishedNamemiddleNameList of AttributesList of AttributesaccountExpiresdepartmentdistinguishedNamedirectReportsdNSHostNameoperatingSystemrepsFromrepsTomiddleName… accountExpiresdepartmentdistinguishedNamedirectReportsdNSHostNameoperatingSystemrepsFromrepsTomiddleName… Attribute ExamplesAttribute ExamplesActive Directory Schema Is: 动态可用的 动态可更新的 由 DACLs 保护域 -Domains一个域是个安全边界 一个域的管理员只能管理本域内的资源 , 除非明确被其他域授权一个域是一个复制的单元 一个域的域控制器参与复制并包含这个域的完整的目录信息Windows 2000DomainWindows 2000DomainUser1User2User1User2复制复制Global CatalogGlobal Catalog ServerGlobal CatalogGlobal CatalogSubset of the Attributes of All ObjectsSubset of the Attributes of All ObjectsDomainDomainDomainDomainDomainDomain查询查询Group membershipwhen user logs onGroup membershipwhen user logs on站点结构 Sites: 优化复制通信量 让用户能够通过一个稳定的,高速的连接登录到一个域控制器 SiteIP subnetIP subnetLos AngelesSeattleChicagoNew York站点拓扑结构举例Domain ADomain BSite 1Site 2Site LinkDomain ADomain BSite 2Site 1Site Link1234Active Directory 森林Exchange2000组织contoso.msftcontoso.msftnwtraders.msftsamerica.nwtraders.msftExchange2000组织Exchange2000组织nwtraders.msftsamerica.nwtraders.msftnamerica.nwtraders.msftNorthwindTraders多...
