Active Directory, Part One - DNS
Active Directory is a database, shared by many servers called Domain Controllers, that holds a list of users, groups and other objects that provide the configuration and security information for an enterprise. Active Directory holds all security information for the users, provides authentication for users, provides a store for Exchange's configuration information and much more.
There are a number of reasons to use Active Directory, from its ease of use to its scalability, but the most important reason to use it is that everyone else does. It is the standard for enterprise security. Exchange uses it, so it is required anywhere that uses Exchange. Since Exchange has the largest market share for enterprise email, it makes sense that if you are going to choose a domain structure to use, you learn Active Directory.
The best place to start with Active Directory is not so much AD itself, but rather DNS. DNS is how clients find servers and services. On the Internet every site is assigned an IP address, which may look like 164.231.115.121 or any other of millions of numbers. Since this is hard to remember, the founders of the Internet, called Arpanet at the time, created DNS. DNS basically allows you to tell the computer a plain text name (www.google.com) and have it translated to an IP address. In this case www points to the server for www (or cluster of servers) and google is the domain name registered by the Google corporation. The .com (commercial addresses) is called a top level domain and is shared by millions of companies and individuals who have registered domain names.
DNS infrastructure is pretty simple on the Internet, but important just the same. After you register your domain name with your registrar, you configure, with the registrar, a server that is authoritative for that domain. In other words, a server that all others should go to to get the IP addresses for requested servers in that domain.
When you try to resolve a domain name to an IP address, your computer first checks its local cache to see if it already knows the response. If it doesn't, it checks its local hosts file (a file that you can manually enter addresses into, found in the windows\system32\drivers\etc folder). If it is not there, it passes its request to the DNS server that is configured to be its primary DNS server. This server can do several things. If it happens to be the authoritative server, it returns the answer. If not, it checks to see if it has cached the answer from a previous query. If not, it goes to the top level domain (or forwards to another DNS server if so configured, where that server will do the same thing) and finds the IP of the authoritative DNS server for that domain. Then it goes to that authoritative server and asks for the IP of that particular DNS name. After it gets the response it caches that response locally and sends the response back to the client. All of this is important; you will see why later in the article. It is also important to note that negative responses, responses that say name not found, are cached. On the client you can delete this cache by running ipconfig /flushdns.
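The lookup order just described, worked through as an added example (this is not code from the original article or from Windows): a client that checks its own cache, then a hosts file, then its configured DNS server, which in turn checks its cache or follows a referral to the zone's authoritative server. Both caches keep "name not found" answers, which is why a stale negative entry on the client only clears when its TTL runs out or the cache is flushed. The hosts file text, the zone data, the delegation table and the TTL values are all constructed; the servers are plain Python objects standing in for real ones, and the referral step is simplified to the last two labels of the name.

```python
"""Client-side DNS resolution order: local cache (positive and negative),
hosts file, configured DNS server; the server uses its cache or a referral
to the authoritative server. All data below is constructed for the example."""
import time

# Constructed sample in Windows hosts-file syntax (windows\system32\drivers\etc\hosts):
# an IP address followed by one or more names; '#' starts a comment.
SAMPLE_HOSTS = """\
# constructed hosts file
127.0.0.1       localhost
10.0.0.5        intranet.example.local  intranet
"""


def parse_hosts(text):
    """Return {name: ip} from hosts-file text; names match case-insensitively."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            table[name.lower()] = ip
    return table


class TtlCache:
    """Cache used by both client and server; a None answer is a cached 'not found'."""

    def __init__(self, ttl=300, negative_ttl=60):
        self.ttl, self.negative_ttl, self.entries = ttl, negative_ttl, {}

    def get(self, name, now):
        if name in self.entries:
            answer, expiry = self.entries[name]
            if now < expiry:
                return True, answer
            del self.entries[name]  # expired entry
        return False, None

    def put(self, name, answer, now):
        life = self.ttl if answer is not None else self.negative_ttl
        self.entries[name] = (answer, now + life)

    def flush(self):  # what `ipconfig /flushdns` does on the client
        self.entries.clear()


class AuthoritativeServer:
    """Holds the zone data the registrar points to for one domain (constructed)."""

    def __init__(self, zone):
        self.zone = zone  # {fqdn: ip}

    def query(self, name):
        return self.zone.get(name)


class RecursiveServer:
    """Stands in for the client's configured (primary) DNS server."""

    def __init__(self, delegations, **cache_opts):
        # {registered domain: AuthoritativeServer}; stands in for the TLD's referrals
        self.delegations = delegations
        self.cache = TtlCache(**cache_opts)
        self.authoritative_queries = 0

    def query(self, name, now):
        hit, answer = self.cache.get(name, now)
        if hit:
            return answer
        # Referral step: find the authoritative server for the registered domain
        # (simplified here to the last two labels of the name).
        domain = ".".join(name.split(".")[-2:])
        auth = self.delegations.get(domain)
        self.authoritative_queries += 1
        answer = auth.query(name) if auth else None
        self.cache.put(name, answer, now)  # positive and negative answers alike
        return answer


class Client:
    def __init__(self, hosts_text, dns_server, **cache_opts):
        self.hosts = parse_hosts(hosts_text)
        self.dns_server = dns_server  # callable(name, now) -> ip or None
        self.cache = TtlCache(**cache_opts)
        self.queries_sent = 0

    def resolve(self, name, now=None):
        now = time.time() if now is None else now
        name = name.lower().rstrip(".")
        hit, answer = self.cache.get(name, now)  # 1. local resolver cache
        if hit:
            return answer
        if name in self.hosts:  # 2. hosts file
            return self.hosts[name]
        self.queries_sent += 1  # 3. ask the primary DNS server, then cache
        answer = self.dns_server(name, now)
        self.cache.put(name, answer, now)
        return answer


def build_demo():
    """Wire up the constructed zone and delegation; returns (client, server)."""
    auth = AuthoritativeServer({"www.example.com": "192.0.2.10"})
    server = RecursiveServer({"example.com": auth})
    return Client(SAMPLE_HOSTS, server.query), server


if __name__ == "__main__":
    client, server = build_demo()
    for n in ("intranet", "www.example.com", "missing.example.com", "missing.example.com"):
        print(n, "->", client.resolve(n, now=0))
    print("queries sent:", client.queries_sent, "reached authoritative:", server.authoritative_queries)
```

Running the block shows the hosts-file name never reaching the server, the second lookup of the missing name being answered from the client's negative cache, and the server's own cache absorbing a repeat query after the client cache is flushed.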
continued...