1
00:00:00,090 --> 00:00:05,370
All right, let's talk through the logical components of Active Directory, and you're going to hear these

2
00:00:05,370 --> 00:00:07,040
terms over and over again.

3
00:00:07,380 --> 00:00:11,680
So I'm going to walk you through them briefly and then you'll hear them as we go through the course.

4
00:00:11,700 --> 00:00:17,170
And it's just good to have that familiarity with the names and kind of what they mean behind it.

5
00:00:17,190 --> 00:00:22,110
So up first is what is called the Active Directory schema.

6
00:00:22,110 --> 00:00:26,660
And you can think of a schema as a rule book or a blueprint.

7
00:00:26,700 --> 00:00:35,560
Basically what it does is it contains definitions of every object that can be created in Active Directory.

8
00:00:35,610 --> 00:00:41,460
So you see here it just says it enforces rules regarding object creation and configuration.

9
00:00:41,820 --> 00:00:42,350
That's it.

10
00:00:42,360 --> 00:00:46,620
When you hear the schema, all you've got to think about is a rule book; you don't think too much more

11
00:00:46,620 --> 00:00:48,010
complex about that.

12
00:00:48,060 --> 00:00:51,200
It just enforces rules about object creation.

13
00:00:51,270 --> 00:00:55,620
More importantly is what are called domains.

14
00:00:55,620 --> 00:01:02,460
So domains are what is used to group things together, so we can group our objects together in a single

15
00:01:02,460 --> 00:01:03,690
organization.

16
00:01:03,960 --> 00:01:09,540
And you can see here that we've got a single domain, this contoso.com, which is, all these sources

17
00:01:09,540 --> 00:01:14,190
are provided by Microsoft Virtual Academy, and it's just one domain.

18
00:01:14,190 --> 00:01:19,290
And if you have like a small business, think of a small business, you might just have one domain that

19
00:01:19,290 --> 00:01:26,670
you're on, and this one domain has all the users, computers, every object inside of it, because all you

20
00:01:26,670 --> 00:01:28,250
need is one domain.

21
00:01:28,290 --> 00:01:34,710
So we have this one domain and it functions like a domain controller, and we could see down here in the

22
00:01:34,710 --> 00:01:40,770
description that there are administrative boundaries for applying policies, and they are authentication,

23
00:01:40,800 --> 00:01:44,750
authorization, and this looks very familiar to what a domain controller was.

24
00:01:44,970 --> 00:01:48,770
Except now we're just managing it all in what is called a domain.

25
00:01:48,780 --> 00:01:53,910
So when you see like a .com or a .org, you think of that as a domain, not very different.

26
00:01:53,910 --> 00:02:01,230
When we are building it out in our network, we also have what are called trees. Now trees are a group

27
00:02:01,230 --> 00:02:04,240
of domains and they're kind of in this hierarchy.

28
00:02:04,320 --> 00:02:08,920
So you see again we have this example of this contoso.com.

29
00:02:09,030 --> 00:02:14,820
Well, what if contoso.com is the big namesake and then we have two child domains.

30
00:02:14,820 --> 00:02:20,640
So you've got a parent domain and then we have a child domain, or two child domains, and we have a

31
00:02:20,640 --> 00:02:22,080
division in North America.

32
00:02:22,080 --> 00:02:26,040
So you've got na.contoso.com and then we have the European.

33
00:02:26,070 --> 00:02:28,920
So we have emea.contoso.com.

34
00:02:28,950 --> 00:02:34,980
So when we have trees, we have this parent and then we've got these children when it comes to domain

35
00:02:35,580 --> 00:02:40,980
and they have what is called a trust with them that is two-way transitive, and we'll talk about trust here

36
00:02:40,980 --> 00:02:46,440
in just a little bit, but just know that you have the parent and then you have the children and they

37
00:02:46,440 --> 00:02:52,410
share namespace and they share some trust between them. And then we have what is called a forest.

38
00:02:52,470 --> 00:02:57,490
Now forests are just a collection of these trees.

39
00:02:57,540 --> 00:03:05,160
So if we have one tree and it's maybe Contoso, and then you have another tree and maybe it's a different

40
00:03:05,160 --> 00:03:11,880
business name, but they're linked together one way or another, and you can have different sorts of trust between

41
00:03:11,880 --> 00:03:12,660
these forests.

42
00:03:13,080 --> 00:03:17,670
So we'll take a look at that again in just a second, but just know that these build up and they stack

43
00:03:17,700 --> 00:03:23,370
as they get bigger, and logically we start with the domain and then we have a tree and then we have a

44
00:03:23,370 --> 00:03:24,400
forest.

45
00:03:24,470 --> 00:03:25,030
OK.

46
00:03:25,320 --> 00:03:31,950
And for the sake of this class, or for the sake of this course, we're only going to be working with a domain,

47
00:03:32,340 --> 00:03:37,830
and a lot of times when you see even more advanced Active Directory courses, mostly you're going to be

48
00:03:37,830 --> 00:03:43,800
working with trees where you have these children domains and you might try to escalate into a parent

49
00:03:43,800 --> 00:03:48,580
domain. Hardly ever do you see forests, but it's still important to know about them.

50
00:03:48,810 --> 00:03:54,290
Now inside of Active Directory there are what are called organizational units.

51
00:03:54,420 --> 00:03:56,690
And you'll hear me refer to them as OUs.

52
00:03:56,700 --> 00:04:03,630
That's the common terminology, is an OU for these, and these are just containers, and they are containers

53
00:04:03,630 --> 00:04:09,990
for your users, your computers, your groups, and you're gonna see this once we start building out our Active

54
00:04:09,990 --> 00:04:16,140
Directory components. You're gonna see me go in and we're gonna set up some different OUs and have

55
00:04:16,140 --> 00:04:20,390
our users in one OU, we'll have our groups in their own OU, etc.

56
00:04:20,430 --> 00:04:25,560
So you'll see what they are, but as of right now just think of OUs as organizational units.

57
00:04:25,800 --> 00:04:26,100
OK.

58
00:04:26,100 --> 00:04:34,040
And then we have trusts. Now trusts are how we have access between resources.

59
00:04:34,350 --> 00:04:38,560
Now you can see that there is directional trust and transitive trust.

60
00:04:38,610 --> 00:04:44,100
So if we have directional trust, we have to have trust from one domain to the other domain.

61
00:04:44,730 --> 00:04:45,060
OK.

62
00:04:45,060 --> 00:04:48,540
So it flows from a trusting domain to a trusting domain.

63
00:04:48,540 --> 00:04:54,340
Now if we have transitive trust, then we have a trusting domain and a trusting domain.

64
00:04:54,450 --> 00:04:58,110
But it also trusts everything that that domain trusts.

65
00:04:58,110 --> 00:05:04,680
So if there's other trees or if it's in a forest, then it trusts everything that trickles down, and you

66
00:05:04,680 --> 00:05:11,130
can see in the image here where we have to trust but then it's trusting everything that other domains

67
00:05:11,130 --> 00:05:12,570
are trusting as well.

68
00:05:12,570 --> 00:05:20,310
So a trust is just a way for users to have access to certain resources that might exist in another domain.

69
00:05:20,310 --> 00:05:27,690
And lastly we have objects. So objects are what is going to be inside of our OUs, our organizational

70
00:05:27,690 --> 00:05:29,880
unit, we're going to have these different objects.

71
00:05:29,880 --> 00:05:36,300
So a user can be an object, a group can be an object, a computer, printer, shared folders, you see all this

72
00:05:36,300 --> 00:05:37,620
thing in this list.

73
00:05:37,620 --> 00:05:38,880
They can be objects.

74
00:05:39,000 --> 00:05:48,030
So let's break this all down one more time. So we have domains, and domains are used to group and manage

75
00:05:48,060 --> 00:05:53,150
objects in an organization, that's primarily we're gonna be working with in this course.

76
00:05:53,160 --> 00:05:57,270
If you have multiple domains, we have what's called the tree.

77
00:05:57,270 --> 00:06:01,080
You might have a parent domain and then you might have the children domain.

78
00:06:01,080 --> 00:06:05,290
And then when you have multiple sets of trees, you're starting to build out a forest.

79
00:06:06,030 --> 00:06:06,770
OK.

80
00:06:06,810 --> 00:06:12,390
Now inside of these domains, or these trees, these forests, are what's called these OUs, these organizational

81
00:06:12,390 --> 00:06:18,120
units, and these organizational units consist of these objects.

82
00:06:18,120 --> 00:06:18,570
All right.

83
00:06:18,570 --> 00:06:23,720
And then the last thing to remember is across forests or across domains.

84
00:06:23,730 --> 00:06:30,210
We have what are called trusts, and these trusts can be directional, meaning that one domain trusts another

85
00:06:30,210 --> 00:06:35,940
domain, or they can be transitive, meaning one domain trusts another domain and then trusts everything

86
00:06:35,940 --> 00:06:38,880
else that domain also trusts.

87
00:06:38,880 --> 00:06:39,240
OK.

88
00:06:39,270 --> 00:06:41,250
So high level overview.

89
00:06:41,250 --> 00:06:46,440
Take good notes on this if you need to, go back and watch it one more time, but you're going to see this

90
00:06:46,560 --> 00:06:51,480
over and over and over, especially domains and organizational units and objects.

91
00:06:51,480 --> 00:06:56,640
We'll talk about trust again throughout the course and we'll give some ideas about trees later on in

92
00:06:56,640 --> 00:07:00,310
the course as well, but we won't actually be exploiting them.

93
00:07:00,360 --> 00:07:01,720
So for this course.

94
00:07:01,800 --> 00:07:06,480
Big takeaways are domains, organizational units and objects.

95
00:07:06,480 --> 00:07:08,200
And remember what trusts are as well.

96
00:07:08,310 --> 00:07:13,050
But it does not hurt to know all these things just to boost your Active Directory knowledge, especially

97
00:07:13,050 --> 00:07:15,300
for an interview if it comes up.

98
00:07:15,300 --> 00:07:16,230
So that is it.

99
00:07:16,230 --> 00:07:21,210
Now we're going to be moving on into our lab building and this is where the fun really begins.

100
00:07:21,210 --> 00:07:25,530
We're done with the death by PowerPoint, so I'll catch you over in the next video where we start to build

101
00:07:25,530 --> 00:07:26,970
out our Active Directory lab.