the Domain is called as the security boundary with in the active directory.
A Windows domain is a logical group of computers running versions of the Microsoft Windows operating system that share a central directory database.
domain governs the way user access resources of the network
Forest
the Domain is called as the security boundary with in the active directory. A Windows domain is a logical group of computers running versions of the Microsoft Windows operating system that share a central directory database. domain governs the way user access resources of the network
The main group type found in active directory is the security group.
Active Directory Federation Services
Policy weakness
Access token
Active Directory Federation Services was developed by Microsoft. It is a software component that can be installed on Windows. It is designed to maintain application security and implement federal identity.
Access Token
The main zone types used in Windows Server 2003 DNS environments are primary zones and Active Directory-integrated zones. Both primary zones and secondary zones are standard DNS zones that use zone files. The main difference between primary zones and secondary zones is that primary zones can be updated. Secondary zones contain read-only copies of zone data.An Active Directory-integrated zone can be defined as an improved version of a primary DNS zone because it can use multi-master replication and the security features of Active Directory. The zone data of Active Directory-integrated zones are stored in Active Directory.Active Directory-integrated zones are authoritative primary zones.A few advantages that Active Directory-integrated zone implementations have over standard primary zone implementations are:Active Directory replication is faster, which means that the time needed to transfer zone data between zones is far less.The Active Directory replication topology is used for Active Directory replication, and for Active Directory-integrated zone replication. There is no longer a need for DNS replication when DNS and Active Directory are integrated.Active Directory-integrated zones can enjoy the security features of Active Directory.The need to manage your Active Directory domains and DNS namespaces as separate entities is eliminated. This in turn reduces administrative overhead.When DNS and Active Directory are integrated; the Active Directory-integrated zones are replicated, and stored on any new domain controllers automatically. Synchronization takes place automatically when new domain controllers are deployed
The Active Directory administrative tools can only be used from a computer with access to a domain. The following Active Directory administrative tools are available on the Administrative Tools menu: Active Directory Users and Computers (dsa.msc) Active Directory Domains and Trusts (domain.msc) Active Directory Sites and Services (dssite.msc)
DHCP
It is the Relative Identifiers (RID) & Security Identifiers (SID) that uniquely identifies an object throughout the Active Directory Domain. On page 85