Active Directory Basics – Part 2



 

Abstract

Engineers have to understand the major components of Active Directory, because doing so makes their life much easier. On the surface AD is very simple, but when you actually start deploying or troubleshooting it, you may find yourself lost. Once you understand the core components, you know exactly where to look.

I would say the heart of Active Directory is the data store, because the data store acts as an interface between the schema and the physical directory. Two-way communication takes place between the physical directory and the schema.

 

 

This data store resides on every domain controller in the forest. The data store also has an internal structure: it consists of subcomponents that communicate with each other.

 

Simplified Explanation:

In the simplest terms, the data store acts like a firewall that makes allow or deny decisions for applications. The data store does the same job:

 

– It provides a way for applications to communicate with the database.

– It provides a way to filter the communications.

 

Implementation:

The data store is nothing but a collection of interfaces that provide 2 major tasks for applications / clients:

 

a)       Provide an interface to communicate with the data store

b)       Provide access to the physical database using the data store interfaces

c)       Filter the application calls made to the database for data retrieval or data commit

 

 

Interfaces In Data Store:

 

LDAP interface

 

SAM interface

 

ESE interface

 

Replication interface

 

DSA interface

 

 

 

 

Did You Know:

 

The DSA (Directory System Agent) is the component that handles schema-related activities. The DSA performs the following:

 

a)       Enforces the rules

b)       Checks the schema

c)       Enforces data types on attributes

 

 

Example :

 

Application → Data store → Database

 

Lower View

 

Application → Uses LDAP → Uses DSA for access to the directory → Filters necessary API calls → ESE, which communicates directly with the database → Physical database

 

From the above example you should now have a clear understanding of the data flow.
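The lower-view flow above, with the DSA's three checks sitting in front of the store, as an added sketch that is not from the original article and is not how Active Directory is implemented internally. The class names, the `ldap_add` helper and the small schema are constructed for illustration.

```python
# Toy model of the page's flow: Application -> LDAP -> DSA -> ESE -> database.
# SCHEMA is a constructed, heavily simplified stand-in, not the real AD schema.
SCHEMA = {
    "attributes": {"cn": str, "sAMAccountName": str,
                   "description": str, "badPwdCount": int},
    "classes": {"user": {"must": {"cn", "sAMAccountName"},
                         "may": {"description", "badPwdCount"}}},
}

class SchemaViolation(Exception):
    pass

class EseStore:
    """Stands in for the ESE layer: the only code that touches the 'database'."""
    def __init__(self):
        self.rows = {}
    def commit(self, dn, attrs):
        self.rows[dn] = dict(attrs)

class Dsa:
    """Stands in for the DSA: checks every write against the schema first."""
    def __init__(self, schema, store):
        self.schema, self.store = schema, store

    def add(self, dn, object_class, attrs):
        cls = self.schema["classes"].get(object_class)
        if cls is None:                                  # check the schema
            raise SchemaViolation(f"unknown class {object_class!r}")
        missing = cls["must"] - set(attrs)               # enforce the rules
        if missing:
            raise SchemaViolation(f"missing mandatory {sorted(missing)}")
        extra = set(attrs) - cls["must"] - cls["may"]
        if extra:
            raise SchemaViolation(f"not allowed on {object_class}: {sorted(extra)}")
        for name, value in attrs.items():                # enforce data types
            expected = self.schema["attributes"][name]
            if type(value) is not expected:
                raise SchemaViolation(f"{name} must be {expected.__name__}")
        self.store.commit(dn, attrs)                     # only now reach ESE

def ldap_add(dsa, dn, object_class, attrs):
    """Stands in for the LDAP interface; returns (ok, message) to the caller."""
    try:
        dsa.add(dn, object_class, attrs)
        return True, "success"
    except SchemaViolation as err:
        return False, str(err)
```

A rejected request never reaches `EseStore.commit`, which is the filtering role the article assigns to the data store.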

 

Hope you have enjoyed this article; look for the next session.

 

 

 

 

 

 
