6 Matching Annotations
  1. Oct 2020
    1. The default groups, that we talked about before, like domain users and domain admins are security groups. They're used to grant or deny access to IT resources.
    2. A distribution group, is only designed to group accounts and contacts for email communication. You can't use distribution groups for assigning permission to resources.
    1. The service that hosts copies of the Active Directory database are called domain controllers, or DCs
      • Hosts a replica of the Active Directory database and group policy objects.

      • Serve as DNS servers to provide name resolution and service discovery to clients.

      • Provides central authentication through a network security protocol called Kerberos

      • Decides whether or not clients have access to shared resources like file systems and printers

    2. Active Directory has been used to centrally manage networks of computers
      • A native service for Microsoft Windows
      • Knows how to speak LDAP protocol and can interoperate with Linux, OS-X and other non-windows hosts
      • Central repository of Group Policy Objects (GPOs)
    3. One of the most common methods for this authentication is using Kerberos.
      • Kerberos is a network authentication protocol that is used to authenticate user identity, secure the transfer of user credentials, and more
    4. role-based access control, or RBAC
      • Is an approach to restricting system access to authorized users.

      • Controlling access to resources isn't all you can do. You can also centralize configuration management.

        You wouldn't want to setup printers or software for each and every user.