Domain vs Local: Understanding Local vs Domain Accounts
Active Directory: Domains, OUs, Users & Groups
Group Policy Objects (GPOs): Apply Policies, Restrict Access
Home Lab Setup: Practice on Hyper‑V / VirtualBox with Windows Server ISOs
Local vs Domain Accounts
Create AD Lab VMs
Install AD DS & Promote DC
Create OUs, Users & Groups
Set up GPOs
Practice ACL permissions
Recommended Video
Cyber Mentor Active Directory
Active Directory (AD) kya hota hai?
Active Directory (AD) Microsoft ka ek centralized directory service hai jo computers, users, printers, servers, aur doosre network resources ko manage aur organize karta hai. Ye Windows Server operating systems ka ek core feature hai.
Simple Definition:
Active Directory ek database hai jisme poore network ke users, computers, aur unke access permissions ka record hota hai. Ye ensure karta hai ke sirf authorized log hi right systems/resources tak pahunch sakein.
Active Directory ka kaam kya hota hai?
| Feature | Description |
|---|---|
| Authentication | User login verify karta hai (username/password check karta hai) |
| Authorization | Decide karta hai ki user ko kya access milna chahiye |
| Central Management | Puri organization ke systems ko ek jagah se manage karna |
| Policy Enforcement | GPO ke through settings apply karna (e.g., password policy, USB block) |
| Resource Organization | Users, Groups, Devices ko folders (OUs) mein organize karna |
Active Directory ke Components:
Domain
Ek logical group hoti hai users, computers aur resources ki. Jaise: company.com
Domain Controller (DC)
Server jisme Active Directory installed hoti hai aur jo login/authentication handle karta hai.
Users and Groups
Users: Employees, admins, etc.
Groups: Similar users ko ek group mein daal ke access manage karna
Organizational Units (OUs)
Logical containers hoti hain jisme aap departments (HR, IT, Sales) ko divide kar sakte hain.
Group Policy Objects (GPOs)
Rules aur settings jo AD ke users/computers par apply ki jaati hain. Example:
Screen lock after 5 minutes
Disable Control Panel
Active Directory Users and Computers (ADUC)
GUI tool jisse AD manage kiya jaata hai (users, OUs, groups, etc.)
Active Directory ka use kahan hota hai?
Schools, Colleges (students & staff accounts)
Offices/Organizations (login management)
Banks & Government networks
Large IT networks jahan 100s ya 1000s of computers hote hain
Real-life Example:
Agar aap kisi office ka computer use kar rahe hain, toh jab aap login karte hain:
-
Aapka username/password Domain Controller verify karta hai.
-
Agar sahi hai, toh aapko access milta hai.
-
Fir aapke system par Group Policy ke settings apply hoti hain.
-
Aap apne department ke shared drive, printer ya software tak pahunch sakte hain — sirf wahi jo aapke role ke liye allowed hai.
๐ How it Works (Step-by-Step Login Process):
-
User logs in to PC (e.g., User1 logs into PC-HR1).
-
Authentication request goes to Domain Controller.
-
DC checks:
-
Is User1 valid?
-
Is password correct?
-
What Group Policy applies?
-
-
Access granted, and GPO is applied (e.g., disable USB).
-
User gets access to allowed drives, printers, and applications.
0 comments:
Post a Comment