It is a hierarchical representation of all the objects and their attributes available on the network. It enables administrators to manage the network resources, i.e., computers, users, printers, shared folders, etc., in an easy way. The logical structure represented by Active Directory consists of forests, trees, domains, organizational units, and individual objects. This structure is completely independent from the physical structure of the network, and allows administrators to manage domains according to the organizational needs without bothering about the physical network structure.

Following is the description of all logical components of the Active Directory structure:

Forest: A forest is the outermost boundary of an Active Directory structure. It is a group of multiple domain trees that share a common schema but do not form a contiguous namespace. It is created when the first Active Directory-based computer is installed on a network. There is at least one forest on a network. The first domain in a forest is called a root domain. It controls the schema and domain naming for the entire forest. It can be separately removed from the forest. Administrators can create multiple forests and then create trust relationships between specific domains in those forests, depending upon the organizational needs.

Trees: A hierarchical structure of multiple domains organized in the Active Directory forest is referred to as a tree. It consists of a root domain and several child domains. The first domain created in a tree becomes the root domain. Any domain added to the root domain becomes its child, and the root domain becomes its parent. The parent-child hierarchy continues until the terminal node is reached. All domains in a tree share a common schema, which is defined at the forest level. Depending upon the organizational needs, multiple domain trees can be included in a forest.

Domains: A domain is the basic organizational structure of a Windows Server 2003 networking model. It logically organizes the resources on a network and defines a security boundary in Active Directory. The directory may contain more than one domain, and each domain follows its own security policy and trust relationships with other domains. Almost all the organizations having a large network use domain type of networking model to enhance network security and enable administrators to efficiently manage the entire network.

Objects: Active Directory stores all network resources in the form of objects in a hierarchical structure of containers and subcontainers, thereby making them easily accessible and manageable. Each object class consists of several attributes. Whenever a new object is created for a particular class, it automatically inherits all attributes from its member class. Although the Windows Server 2003 Active Directory defines its default set of objects, administrators can modify it according to the organizational needs.

Organizational Unit (OU): It is the least abstract component of the Windows Server 2003 Active Directory. It works as a container into which resources of a domain can be placed. Its logical structure is similar to an organization’s functional structure. It allows creating administrative boundaries in a domain by delegating separate administrative tasks to the administrators on the domain. Administrators can create multiple Organizational Units in the network. They can also create nesting of OUs, which means that other OUs can be created within an OU.
In a large complex network, the Active Directory service provides a single point of management for the administrators by placing all the network resources at a single place. It allows administrators to effectively delegate administrative tasks as well as facilitate fast searching of network resources. It is easily scalable, i.e., administrators can add a large number of resources to it without having additional administrative burden. It is accomplished by partitioning the directory database, distributing it across other domains, and establishing trust relationships, thereby providing users with benefits of decentralization, and at the same time, maintaining the centralized administration.

The physical network infrastructure of Active Directory is far too simple as compared to its logical structure. The physical components are domain controllers and sites.

Domain Controller: A Windows 2003 server on which Active Directory services are installed and run is called a domain controller. A domain controller locally resolves queries for information about objects in its domain. A domain can have multiple domain controllers. Each domain controller in a domain follows the multimaster model by having a complete replica of the domain’s directory partition. In this model, every domain controller holds a master copy of its directory partition. Administrators can use any of the domain controllers to modify the Active Directory database. The changes performed by the administrators are automatically replicated to other domain controllers in the domain.
Continue Reading

You must have seen them. Web addresses like http://tinyurl.com/2gj2z3 which, when you click on them, take you to another web page. Why use them? Are there any risks in using them?

URL stands for Uniform Resource Locator. It’s the posh technical term for a web address. Web addresses normally take the form http://www.somesite.com/somepage.html, which is not too much of a problem. But some site names can get very long, and so can page names. The increased use of database-driven sites mean that URLs can get very long indeed, and most of them is computer gobbledygook. They are impossible to type in, if you are reading them in a print article, and often get corrupted by word-wrapping when they appear in an email or blog posting.

An URL shortener is a web service that takes a long address that’s hard to type, and turns it into a short one. You should use them in articles for print publication, classified ads, emails, blog and forum postings, anywhere there is a danger that the full address may be corrupted, or that someone may need to type the address into a browser manually.

But there is a danger in using short URLs that may make people afraid to use them. The short address disguises the real destination. This makes it easy for somebody to post an innocent looking message encouraging people to click on a link that takes them to a site which infects their computer with spyware, or something equally undesirable.
Continue Reading

Navino launched its search engine gateway service recently. For most of the Internet surfers, search engine gateway is a pretty new concept compared with meta search engine or multi search engine. Put it in simple, it is a web service, which can let you search the best information from the best content providers in one website.

When we try to find information everyday, most of us might go to Google.com. Yes, it’s true. Most of the time, Google works well. But does Google return the best information? I guess you would agree that the search engine’s ranking algorithm could only give a good answer, but not the best. Well, you may ask, where can I get the BEST? The best weather information? The best book information? The best price for your favorite mp3 player? The short answer is from the brain, from the hand picked information. Therefore, Navino’s editors and their users give out that the best weather website is weather.com, the best book website is amazon.com and the best price information is froogle.

Besides best hand picked information resources, Navino also provide the search engine gateway technology. Using this technology, you can search all the best website at Navino. All you need to do is to add a unique search name before your searching keywords.
Continue Reading

An intranet is basically a private web based network. It uses all of the technology of the internet but is safe and protected behind a firewall that keeps unauthorized personnel out. Companies have been using them for years as a method of streamlining their internal communications.

Because a web browser can run on any type of computer, the need to maintain multiple paper copies of documents that are constantly changing can be eliminated. Documents like training manuals, internal phone books, procedure manuals, benefits information, employee handbooks, requisition forms, etc. can be maintained as electronic documents and updated at almost no cost. The savings in paper and other material costs can be significant

But the most powerful aspect of an intranet is its ability to display information in the same format to every computer being used. That allows all of the different software and databases a company uses to be available to all employees without any special equipment or software being installed on their systems.

This universal availability of information is sparking an era of collaboration unlike anything ever seen before. The departmental barriers that exist in many companies are slowing breaking down because now colleagues can share information readily using the company intranet.
Continue Reading

Web and FTP Servers

Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.

However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.

The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ.
Therefore if any hacker where to compromise a machine within the DMZ, then the only network they would have access to would be the DMZ. The hacker would have little or no access to the LAN. It would also be the case that any virus infection or other security compromise within the LAN would not be able to migrate to the DMZ.
Continue Reading

There are many ways to get any of the large number of network certifications now available. There’s not only software certification like those offered from Oracle, Java, Microsoft, etc. but there’s also direct network hardware certifications from strong companies like Cisco and then there’s the server administration, hardware repair, security and several sub category type certifications. All are available but the question is if these have any real value in the marketplace.

The answer, unfortunately is not simple. This is because while many companies demand a certain certification, they will also bend the requirement and allow you to get certified once you have the job. There’s also people in the marketplace who are strong proponents of certification or another. The reason for this is usually because they have that certification and by requiring it, they somehow believe it validates their decision to obtain the training and pass the tests.

The reality is that like a good resume and education pedigree, certifications help get you in the door. Think about it for a moment. If you were hiring a network administrator, you would probably ask for the usually experience and basic education and some type of networking certification. If 100 people claiming the same skills and experiences levels all apply and all have at least the single required certification while 10 have not only the network cert but also maybe several MS and a security certificate, which candidates applying would probably get scheduled for interviews? Right! It would be the ones with the better paper qualifications.
Continue Reading