Administración remota de Active Directory®

Presentación del tema: "Administración remota de Active Directory®"— Transcripción de la presentación:

1 Administración remota de Active Directory®
Slide Title: Title Slide Keywords: Key Message: Slide Builds: 0 Slide Script: Hello! Welcome to this Microsoft TechNet session on Active Directory® Remote Administration. My name is {insert name}. Slide Transition: This is what we will cover. Additional Information:

2 Lo que vamos a cubrir: Mejoras a nivel bosque y dominio
Consideraciones para el diseño y la planeación de una sucursal Windows Management Instrumentation (WMI) Herramientas de Windows Server™ 2003 Slide Title: What We Will Cover Keywords: Key Message: Slide Builds: 0 Slide Script: Today we will cover improvements in the Windows Server™ 2003 domain and forest functional levels, special considerations when designing and planning for a branch office environment, and the use of command line and GUI tools for remote management and scripting. Slide Transition: To get the most out of this session, you should meet these prerequisites. Additional Information:

3 Conocimientos previos
Familiaridad con la administración de Active Directory Familiaridad con los sitios de Active Directory Familiaridad con la réplica de Active Directory Conceptos básicos de la secuencia de comandos de WMI Slide Title: Prerequisite Knowledge Keywords: Key Message: Slide Builds: 0 Slide Script: To get the most out of this session, you should have knowledge and experience of Windows Server 2003 Active Directory®, Active Directory replication, and basic WMI scripting concepts. Slide Transition: Next is the session’s agenda. Additional Information: Nivel 200

4 Agenda Implementar los controladores de dominio remotos
Utilizar WMI para la administración remota Herramientas de administración de Windows Server 2003 Slide Title: Agenda Keywords: Key Message: Slide Builds: 0 Slide Script: This is the agenda for this session. First we will cover how to deploy a domain controller to support a remote branch office connected over a Wide Area Network (WAN) link. Then we will look at the options available for remote management using the Windows Management Instrumentation Command-Line (WMIC) tools. Finally, we will cover other available remote management tools to administer Active Directory. Slide Transition: First look at the requirements for each domain functional level. Additional Information:

5 Implementar controladores de dominio Características de la sucursal
Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 1] For the purposes of this presentation, a branch office has certain defining characteristics that deserve special consideration in similar organizations. These characteristics have no relation to the domain or forest structure for the organization, but instead map to the physical layout, which is reflected in Active Directory Sites and Services. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

6 Implementar controladores de dominio Características de la sucursal
Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 2] Branch office deployments have a large number of locations with domain controllers, although the fact that a deployment has a large number of domain controllers alone does not necessarily make it a branch office deployment in the context of this presentation. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

7 Implementar controladores de dominio Características de la sucursal
Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 3] Another feature of the branch office deployment is that there are a small number of users in each branch office. Insurance companies and banks, for example, typically deploy their business structure in this way, with local offices in many different areas. In the context of this presentation, a small number of users means between 10 and 50 users of computers and network services. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

8 Implementar controladores de dominio Características de la sucursal
Sitio de organización en Londres Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 4] A large number of domain controllers implies that there may be a need for a staging site and that the number of branches to which domain controllers are being deployed is more than 100. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

9 Implementar controladores de dominio Características de la sucursal
Sitio de organización en Londres Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 5] Finally, the topology of the branch office environment contains one or more hub locations and spokes that extend from the hubs. A common scenario in a branch office environment is that locations are often linked to the corporate datacenter or hub by slow WAN links with a line speed between 19.2 kilobits and 64 kilobits in either a dial-up link or a leased line. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

10 Implementar controladores de dominio Características de la sucursal
Sitio de organización en Londres Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 6] In Active Directory deployment scenarios, you have two different management models to consider: decentralized and centralized. With the decentralized approach, changes are mostly made at the branches and are replicated through a hub to the rest of the domain and the forest. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

11 Implementar controladores de dominio Características de la sucursal
Sitio de organización en Londres Sitio concentrador en Londres Slide Title: Branch Office Characteristics Keywords: Key Message: What makes up a branch office environment? Slide Builds: 7 Slide Script: [Build 7] According to the centralized management model, changes are made at a corporate level and are replicated to the branches. User and group management, as well as group policy management, should be considered in light of these two models, because each will have significant effects on replication traffic and therefore on the load on domain controllers. In the context of this presentation, the focus centers on the centralized management model in which the administrator is located in the London office while managing the domain controller in the Tilbury branch office. Slide Transition: Having the proper structural plan in place assists in replication planning. Additional Information: Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith

12 Implementar controladores de dominio Planear la duplicación
Réplica de Active Directory Réplica de SYSVOL Sitio concentrador en Londres Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith Slide Title: Planning Replication Keywords: Key Message: Considerations for planning Active Directory and SYSVOL replication. Slide Builds: 5 Slide Script: [Build 1] Windows Server 2003 domain and forest-wide replication consists of two major components, Active Directory replication and SYSVOL replication, which uses the File Replication System (FRS). There are two major differences between how an available replication window is used by Active Directory and by FRS SYSVOL replication: start time and replication behavior. Slide Transition: Now review these settings in the Contoso branch office deployment. Additional Information:

13 Implementar controladores de dominio Planear la duplicación
Réplica de SYSVOL Réplica de Active Directory Sitio concentrador en Londres Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith Slide Title: Planning Replication Keywords: Key Message: Considerations for planning Active Directory and SYSVOL replication. Slide Builds: 5 Slide Script: [Build 2] Active Directory replication chooses a start time randomly within the first 15 minutes of a replication window to distribute the concurrence factor across the window. FRS SYSVOL replication, on the other hand, starts the moment the window opens. This means that while Active Directory replication with multiple partners starts at different times within a 15-minute window, FRS SYSVOL replication with multiple partners starts at the same time for all partners. Slide Transition: Now review these settings in the Contoso branch office deployment. Additional Information:

14 Implementar controladores de dominio Planear la duplicación
Réplica de Active Directory Réplica de SYSVOL Sitio concentrador en Londres Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith Slide Title: Planning Replication Keywords: Key Message: Considerations for planning Active Directory and SYSVOL replication. Slide Builds: 5 Slide Script: [Build 3] Active Directory replication is always a one-way pull replication. The domain controller that needs updates contacts a replication partner. The source domain controller then selects the updates that the target domain controller needs and copies them to the target domain controller. From the perspective of a domain controller, it has both inbound and outbound replication traffic, depending on whether it is the source or the destination of a replication sequence. Inbound replication is the incoming data transfer from a replication partner to a domain controller. For a hub domain controller in a branch-office environment, inbound traffic is data that is replicated from a branch-office domain controller. This replication traffic is serialized, meaning that the hub domain controller can handle inbound replication with only a single branch domain controller at a time. Outbound replication is the data transfer from a domain controller to its replication partner. For a hub domain controller, this is the replication from the central hub to the branch office domain controller. Outbound replication is not serialized; it is multithreaded. During outbound replication, the branch office domain controllers pull changes from the hub domain controller. Slide Transition: Now review these settings in the Contoso branch office deployment. Additional Information: Revisor de consistencia de conocimiento (KCC)

15 Implementar controladores de dominio Planear la duplicación
Réplica de Active Directory Réplica de SYSVOL Sitio concentrador en Londres Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith Slide Title: Planning Replication Keywords: Key Message: Considerations for planning Active Directory and SYSVOL replication. Slide Builds: 5 Slide Script: [Build 4] System policies and logon scripts stored in SYSVOL use FRS to replicate. Each domain controller keeps a copy of SYSVOL for network clients to access. FRS can copy and maintain shared files and folders on multiple servers simultaneously. When changes occur, content is synchronized immediately within sites, and by schedule between sites. FRS replicates as a multithreaded process, meaning that several replication sessions can run at the same time to handle multiple tasks. This allows FRS to simultaneously replicate different files between different computers. Multimaster replication means that changes to the SYSVOL can be made on any domain controller, and this domain controller will then replicate the changes out to the other domain controllers using a store-and-forward mechanism. FRS SYSVOL replication uses the same Active Directory replication topology defined by connection objects. In contrast to Active Directory replication, FRS SYSVOL replication uses a timestamp on a file to determine which version is the newer version, and should be kept on a domain controller and replicated out to partners. Slide Transition: Now review these settings in the Contoso branch office deployment. Additional Information: Revisor de consistencia de conocimiento (KCC)

16 Implementar controladores de dominio Planear la duplicación
Réplica de Active Directory Réplica de SYSVOL Sitio concentrador en Londres Sucursal en Tilbury Sucursal en Dundee Sucursal en Fife Sucursal en Leith Slide Title: Planning Replication Keywords: Key Message: Considerations for planning Active Directory and SYSVOL replication. Slide Builds: 5 Slide Script: [Build 5] Connection objects are Active Directory objects that represent a replication connection from one domain controller to another. The connection object is a child of the replication destinations NTDS settings object and identifies the replication source server, contains a replication schedule, and specifies a replication transport. Connection objects are created automatically by the Knowledge Consistency Checker (KCC), but they can also be manually created. The KCC runs on all domain controllers as a built-in process and generates the replication topology for the Active Directory forest. At specified intervals, the KCC reviews and makes modifications to the replication topology to ensure propagation of data, either directly or transitively. In a configuration with 100 or more sites, the KCC will not scale. With more replication partners, you must create a staggered replication schedule, create manual connection objects, or both. Your replication topology design should take into account load balancing for hub or bridgehead servers. After this design is implemented, you will need to continually monitor the replication traffic and server behavior to ensure that your design continues to be optimum for your organization. Slide Transition: Now review these settings in the Contoso branch office deployment. Additional Information: Revisor de consistencia de conocimiento (KCC)

17 demo Implementar y configurar un controlador de dominio en una oficina remota Revisar los niveles funcionales del bosque y del dominio Revisar la configuración del sitio Configurar la réplica del controlador del dominio Slide Title: Demonstration: Deploy and Configure a Domain Controller in a Remote Office Keywords: Key Message: . Slide Builds: 0 Slide Script: Slide Transition: Now let’s look at the next agenda item. Additional Information:

18 Agenda Implementar los controladores de dominio remoto
Utilizar WMI para la administración remota Herramientas de administración de Windows Server 2003 Slide Title: Agenda Keywords: Key Message: Slide Builds: 0 Slide Script: The next agenda item covers how to use WMI for remote management. Slide Transition: WMI is designed to make any administrative task accessible by a single technology. Additional Information:

19 WMI para la administración remota Windows Management Instrumentation
API de de comandos uniforme Administración remota Capacidad de descubrimiento y navegación Capacidad de consulta Publicación y suscripción de eventos Slide Title: Windows Management Instrumentation Keywords: Key Message: What is WMI? Slide Builds: 5 Slide Script: [Build 1] The Windows Server family provides an enhanced command-line infrastructure, allowing you to perform most management tasks without using a graphical user interface. WMI makes the Windows environment extremely manageable using a single consistent, standards-based, extensible, and object-oriented interface. All managed objects are defined under a common object framework based on the CIM object model. Scripts need to use only a single API, the WMI, to access information in the Windows environment. [Build 2] Objects managed within WMI are, by default, available to applications and scripts, both locally and remotely. No additional steps are needed to manage remote objects. [Build 3] Applications and scripts can discover available information about a system by enumerating the available classes. Relationships between related objects can be detected and traversed to see how one managed entity affects another. [Build 4] WMI treats its managed data much like a relational database and allows for SQL queries to be submitted in order to filter and focus requests for specific data. [Build 5] Events can be requested for virtually any change in the managed objects in the system, regardless of whether they support an internal event capability. Event subscribers can request notification of specific events based on their particular interests rather than just receiving events notifications predefined by the original developers. Slide Transition: Up next, the Using WMIC for Remote Management demonstration. Additional Information: TechNet: Products and Technologies\Windows 2000 Server\Maintain\Feature Usability Descripción general de WMI microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/windows_WMI_overview.htm?id=751

20 demo Utilizar WMIC para la administración remota Instalar WMIC
Utilizar Scriptomatic para escribir las secuencias de comandos de WMIC Slide Title: Demonstration: Using WMIC for Remote Management Keywords: Key Message: . Slide Builds: 0 Slide Script: Slide Transition: Now let’s summarize the session. Additional Information:

21 Resumen de la sesión Mejoras en el nivel de bosque y dominio
Windows Management Instrumentation Herramientas de Windows Server 2003 Slide Title: Summary Keywords: Key Message: Slide Builds: 0 Slide Script: This session covered the Active Directory improvements gained at the Windows Server 2003 domain and forest functional levels; The use of WMI for remote management and administration in a branch office environment, including the Scriptomatic tool and the WMI command-line interface; And the availability of the wide variety of tools available through the Resource Kit, Support Tools, and Administration Tool Kit. Slide Transition: To get more information on the products and technologies we have covered today, we have some online resources available. Additional Information:

22 Preguntas? http://groups.msn.com/technetmexico-online

23 www.microsoft.com/technet/tnt1-159 Para mayores informes
Visite TechNet en Visite el siguiente sitio Web para obtener información adicional, incluyendo: Libros y cursos Recursos de la comunidad Versiones de medios agilizados y descargables para esta sesión Slide Title: More Information Keywords: Key Message: Slide Builds: 0 Slide Script: For the most comprehensive technical information on Microsoft products, visit the main TechNet Web site at You can also visit for more concise information on books, courses, certifications, and other community resources that directly relate to this particular session. Slide Transition: Additional resources are available from Microsoft. Additional Information:

24 Suscripciones a TechNet ¿Ya se enteró de lo más reciente?
¡Software sin límites de tiempo! El software para evaluación de la versión completa proporciona una mayor flexibilidad a los suscriptores a TechNet Plus. Soporte técnico complementario. Los dos incidentes gratuitos de soporte técnico que se incluyen con todas las suscripciones a TechNet Plus le ahorran tiempo al resolver problemas de misión crítica. Tenga a la mano los recursos más actuales para evaluar, implementar y brindar soporte a las soluciones de Microsoft, que se ofrecen mensualmente en CD o en DVD, sin depender de una conectividad a Internet ni de los firewalls. Slide Title: TechNet Subscription Keywords: TechNet, subscription, benefits Key Message: TechNet Plus has some new benefits. Slide Builds: 0 Slide Script: Many of you may already be familiar with the Microsoft TechNet events and the Web site, but have you heard the news about the valuable benefits for TechNet Plus subscribers? Developed in response to customer feedback, TechNet Plus version 2.0 is the most convenient and reliable source for evaluating, managing, and supporting Microsoft products. With TechNet Plus you can: Evaluate Microsoft software without time limits. This is a huge benefit and allows IT professionals to try products such as Microsoft Office System and Windows Server System software without worrying about the software expiring. Save time resolving critical systems issues. TechNet Plus subscriptions include two complimentary technical support incidents to help IT professionals resolve critical issues fast. And, in countries where pay-per-incident support is offered, TechNet Plus subscribers receive a 20 percent discount on any additional support calls. TechNet Plus ensures that resources are available to address your technical issues and that you have the most current resources on hand for evaluating, implementing, and supporting Microsoft solutions. For details visit Slide Transition: TechNet also provides a number of community resources. Additional Information:

25 ¿En dónde puedo obtener ayuda?
Chats y difusiones por el Web gratuitos Lista de grupos de noticias Sitios de la comunidad de Microsoft Eventos de la comunidad Columna de la comunidad Slide Title: Community Help Keywords: community Key Message: Where to get more help. Slide Builds: 0 Slide Script: A number of free community resources are available on TechNet. You can attend a regular chat with members of the products groups or technology specialists from Microsoft, or you can attend a webcast, where you can see sessions like the one you’ve just watched, but presented live and with the ability to ask questions as you go. You can also read or post questions in the public newsgroups. The Newsgroup page lists the available groups and provides an interface from which you can read and respond to messages. TechNet Plus subscribers can use these groups to post questions that, through their subscription ID, will be answered by Microsoft within 24 hours. The main community site provides a comprehensive list of available resources — more than we can cover on this slide — plus the page has some dynamic features with continually updated content. The Events page provides dates and details regarding live TechNet events. These events take place worldwide and provide the opportunity for you to talk to Microsoft specialists face-to-face. The TechNet columns provide information on a variety of topics written by industry authors. Slide Transition: [Thank the audience for attending and sign off] Additional Information: