Active Directory Structure - University of Waterloo
Active Directory Structure By Erick Engelke and Bruce Campbell Starting Point Top Level Structure
People Organization People Administered by WatIAM Second account for elevated privileges Elevated account is application-specific
Eg. ability to change peoples pay in DB Use of smartcards for some people Like passport userids cannot be shared Use other mechanisms to share data Userid/password equivalent to a signature Offer optional lower security account for use on public workstations
Groups Organization Groups Very useful for managing access to data WatIAM will manage some groups Faculty, staff, student lists
Course lists Delegated access to groups OU Naming Conventions Groups, servers, print queues need names ECE: Electrical & Computer Engineering
or Early Childhood Education We need a shared naming convention One of the first duties of the new committee Will look at existing ADS and Nexus naming conventions Workstations Organization
Workstations subtree follows organization of university workstation management IST manages many administration PCs Library and residences have own IT shops Much software purchased and policies set
at faculty level Non-windows machines also in the tree Unix Use AD for password authentication Possible to use AD to store uids, gids, home directories, shells, etc.
Problem: multiple jurisdictions with distinct uid/gid and home directory systems Various possible solutions Use NIS or password files (but not passwords) Virtual directories with different values for each jurisdiction Macintoshes
Many Macs participate in Nexus already Prefer using Apple OpenDirectory which is a virtual directory that gets userids/passwords, groups, etc. from AD Called Magic Triangle MacTUG group involvement on Mac related issues
Software Delivery GPOs, Systems Center, etc. Nexus has a wealth of software packages Would like to move to self-serve for offices Web based, automated delivery in future
Encourage transforms rather than new packaging Common Applications Software commonly needed FireFox, Acrobat reader, Flash, etc
Set timetable for updates Have early testers before general release Security Considerations Continue protective measures on DCs Want VPN to limit access from Internet, wireless, residences, etc.
reverse turing test like CAPTCHAs, audio, etc. - centralized people-tester Google does this too Certificates for user signing Two factor authentication for some Summary
Domain should be as simple as possible while reflecting the structure of UW Future services like video conferencing and digital signing will make use of AD Economize effort, minimize duplication Take the best of ADS and Nexus
Draw Polyatomics Ammonium Sulfate Types of Covalent Bonds NON-Polar bonds Electrons shared evenly in the bond E-neg difference is zero Between identical atoms Diatomic molecules Types of Covalent Bonds Polar bond Electrons unevenly shared E-neg difference greater than zero but...
Scale factor is the ratio of change between two sides. The number you multiply by to relate the first shape to the second is the scale factor. If a shape becomes twice as big, the scale factor would be two....
La pratica giudieiaria e più ancora il contatto diretto con la parte più umile delle nostre genti, consente di scoprire, come attraverso un filtro magico posto a ritroso nei secoli, un mondo ancora oggi popolato da streghe, da maghi, da...
Welcome to Environmental Science Mrs. Spoon Please have a seat and be ready to begin when the bell rings. Syllabus 1st homework assignment: GET YOUR SYLLABUS SIGNED! Turning in homework and other assignments. General Class Procedures ALL school rules apply.