By definition, a site contains IP subnets whose hosts are connected by fast and reliable communication links. By using sites, you can control and reduce the amount of traffic on slow WAN links.
Another major component within Active Directory is the Infrastructure Master. The Infrastructure Master (IM) is a domain-wide FSMO (Flexible Single Master Operations) role that responds to automated processes in order to correct errors in the Active Directory database.
Phantoms are created on DCs when a cross-database reference is required between an object in one database and an object from another domain within the forest. An example is when you add a user from one domain to a group in another domain within the same forest. A phantom becomes stale when it no longer contains up-to-date data, which happens when changes are made to the external object that the phantom represents, such as when the target object is renamed, moved between domains, or deleted. The Infrastructure Master is able to locate and fix stale phantoms. Any changes that result from this error correction are replicated to all the remaining DCs within the domain.
The Infrastructure Master is sometimes confused with the Global Catalog (GC), which maintains a read-only copy of the domains within a forest and is used for universal group storage and the logon process. Because GCs store a partial copy of every object in the forest, they can create cross-domain references without needing phantoms.
LDAP (Lightweight Directory Access Protocol) is part of Active Directory. It is a software protocol that allows you to locate organizations, individuals and other resources such as files and devices in a network, whether that network is the public Internet or a company intranet.
In a network, a directory tells you where certain data is stored. In TCP/IP networks (including the Internet), the Domain Name System (DNS) is the directory system used to associate a domain name with a specific network address (a unique location in the network). However, you may not know the domain name; LDAP allows you to search for a specific item without knowing where it is located.
The LDAP directory is organized in a simple tree architecture consisting of the following levels:
An LDAP directory can be distributed among multiple servers. Each server can hold a replica of the master directory, which is synchronized periodically.
Administrators need to understand LDAP in order to create useful LDAP queries when searching for information stored in the Active Directory database.
When it comes to Active Directory, we definitely have to mention Group Policy. Administrators can use Group Policy in Active Directory to define user and computer settings throughout the network. These settings are configured and stored in Group Policy Objects (GPOs), which are then associated with Active Directory objects, including domains and sites. This is the main mechanism for applying changes to computers and users in a Windows environment.
Through Group Policy management, administrators can globally configure desktop settings on user computers and restrict or allow access to certain files or folders within the network.
In addition, we also have to understand how GPOs are applied. Group Policy Objects are applied in the following order: local machine policies are applied first, then site policies, then domain policies, and finally the policies for individual OUs. At any given time, a user or computer object can belong to only one site and one domain, so it receives only the GPOs associated with that site or domain.
GPOs are divided into two separate parts: the Group Policy Template (GPT) and the Group Policy Container (GPC). The Group Policy Template is responsible for saving the settings created within the GPO. It stores the settings in a large structure of folders and files. To successfully apply these settings to all user and computer objects, the GPT must be replicated to all DCs within the domain.
The Group Policy Container is the part of a GPO that is stored in Active Directory on the DCs in the domain. The GPC is responsible for keeping references to Client Side Extensions (CSEs), the path to the GPT, links to software installation packages and other reference aspects of the GPO. The GPC does not contain much information about its GPO, but it is an essential component of Group Policy. When software installation policies are configured, the GPC keeps the links within the GPO. It also keeps other relational links and paths, stored in object attributes. Knowing the structure of the GPC and how to access the hidden information stored in its attributes is necessary when you need to troubleshoot a problem related to Group Policy.
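A consistency check an administrator might run when troubleshooting, added here as an example (it is not code from the original article): it compares the version recorded in the GPC with the version in each DC's copy of the GPT (gpt.ini) to spot a GPT that has not replicated. It assumes the GPC attributes versionNumber and gPCFileSysPath and the gpt.ini text from each DC have already been collected; the function names and all sample values are constructed for illustration.

```python
import configparser

def split_version(number):
    """Split a GPO version number into its user and computer revision counters.
    The user revision is in the upper 16 bits, the computer revision in the lower 16."""
    return {"user": number >> 16, "computer": number & 0xFFFF}

def gpt_version(gpt_ini_text):
    """Read Version= from the [General] section of a GPT's gpt.ini."""
    parser = configparser.ConfigParser()
    parser.read_string(gpt_ini_text)
    return int(parser["General"]["Version"])

def check_gpo(gpc, gpt_ini_by_dc):
    """Compare the GPC's versionNumber with the gpt.ini copy seen on each DC.
    Returns a list of (dc, problem, detail) tuples; an empty list means consistent."""
    expected = gpc["versionNumber"]
    findings = []
    for dc, text in sorted(gpt_ini_by_dc.items()):
        if text is None:  # the GPT folder does not exist on this DC
            findings.append((dc, "gpt-missing", gpc["gPCFileSysPath"]))
            continue
        actual = gpt_version(text)
        if actual != expected:
            findings.append((dc, "version-mismatch",
                             {"gpc": split_version(expected), "gpt": split_version(actual)}))
    return findings

# Constructed sample data (not from a real domain).
SAMPLE_GPC = {
    "displayName": "Workstation Baseline",
    "versionNumber": 0x00030005,   # user revision 3, computer revision 5
    "gPCFileSysPath": r"\\example.test\SysVol\example.test\Policies\{GPO-GUID-PLACEHOLDER}",
}
SAMPLE_GPT = {
    "DC1": "[General]\nVersion=196613\n",   # matches the GPC
    "DC2": "[General]\nVersion=196612\n",   # computer revision is still 4
    "DC3": None,                            # GPT not replicated to this DC yet
}

if __name__ == "__main__":
    for finding in check_gpo(SAMPLE_GPC, SAMPLE_GPT):
        print(SAMPLE_GPC["displayName"], *finding)
```

A DC reported here would serve clients settings that differ from what the GPC in the directory advertises, which is the replication problem the GPT paragraph warns about.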
With Windows Server 2003, Microsoft released a Group Policy management solution, the Group Policy Management Console (GPMC). GPMC provides administrators with a management interface that simplifies tasks related to GPOs. Good luck!