Information Technology Reference
In-Depth Information
intersite replication Active Directory replication that occurs between two or more sites.
intrasite replication Active Directory replication between domain controllers in the same site.
Kerberos An open-standard security protocol used to secure authentication and identification
between parties in a network.
Knowledge Consistency Checker (KCC) A process that runs on every domain controller to
determine the replication topology.
Lightweight Directory Access Protocol (LDAP) A protocol that runs over TCP/IP and is
designed to facilitate access to directory services and directory objects. LDAP is based on a
suite of protocols called X.500, developed by the International Telecommunication Union.
multimaster replication The process for replicating Active Directory objects in which changes
to the database can occur on any domain controller and are propagated, or replicated, to all
other domain controllers.
one-way trust A trust relationship in which one domain trusts another, but the reverse is
not true.
operations master A domain controller with sole responsibility for certain domain or
forestwide functions.
permission inheritance The process of transmitting permissions from a parent object to a
child object.
realm trust A trust used to integrate users of other OSs into a Windows Server 2008 domain
or forest; requires the OS to be running Kerberos V5 authentication.
relative identifier (RID) The part of the SID that's unique for each Active Directory object.
See also security identifier (SID).
schema directory partition A directory partition containing the information needed to define
Active Directory objects and object attributes for all domains in the forest.
security identifier (SID) A numeric value assigned to each object in a domain that uniquely
identifies the object; composed of a domain identifier, which is the same for all objects in a
domain, and the RID. See also relative identifier (RID).
security principals Active Directory objects that can be assigned permissions or rights to
Active Directory objects and network resources.
shortcut trust A manually configured trust between domains in the same forest for the
purpose of bypassing the normal referral process.
site link A logical connection between two sites that determines the replication schedule and
frequency between the sites.
transitive trust A trust relationship based on the transitive rule of mathematics; therefore, if
Domain A trusts Domain B and Domain B trusts Domain C, then Domain A trusts Domain C.
trust relationship An arrangement that defines whether and how security principals from
one domain can access network resources in another domain.
two-way trust A trust in which both domains in the relationship trust each other, so users
from both domains can access resources in the other domain.
user principal name (UPN) A user logon name that follows the format username@domain.
Users can use their UPNs to log on to their own domain from a computer that's a member of a
different domain.
Review Questions
1. The protocol for accessing Active Directory objects and services is based on which of the
following standards?
a. DNS
b. LDAP
c. DHCP
d. ICMP
 