Read: Class 13 Active Directory - VascoLucas01/networking-reading-notes GitHub Wiki

Introduction

This Read covers Active Directory and DHCP concepts.

What is an Active Directory?

Active Directory (AD) is Microsoft's directory and identity management service for Windows domain networks. It was introduced in Windows 2000, is included with most MS Windows Server OS, and is used by a variety of Microsoft solutions like Exchange Server and SharePoint Server, as well as third-party applications and services.

Which services does AD provide?

AD is made up of a number of different directory services, including:

  • Active Directory Domain Services (AD DS) - the core Active Directory service used to manage users and resources.
  • Active Directory Lightweight Directory Services (AD LDS) - a low overhead version of AD DS for directory-enabled applications.
  • Active Directory Certificate Services (AD CS) - for issuing and managing digital security certificates.
  • Active Directory Federation Services (AD FS) - for sharing identity and access management information across organizations and enterprises.
  • Active Directory Rights Management Services (AD RMS) - for information rights management (controlling access permissions to documents, workbooks, etc.).

Fundamental AD Features and Capabilities

  • A schema - defines the classes of objects and attributes contained in the directory.
  • A global catalog - contains detailed information about every object in the directory.
  • A query and index mechanism - allows users, administrators, and applications to efficiently find directory information.
  • A replication service - disseminates directory data across the network.

The AD schema supports various types of objects like User, Group, Contact, Computer, Shared Folder, Printer, and Organizational Unit, along with a set of descriptive attributes for each object.

AD relies on standard security and networking protocols, including LDAP (Lightweight Directory Access Protocol), DNS, and Microsoft's implementation of the Kerberos authentication protocol.

AD Domain Services Overview

Active Directory Domain Services is the primary Active Directory service. It is used to authenticate users and to control access to network resources. A server running AD DS is called a domain controller. Most Windows domain networks have two or more domain controllers: a primary domain controller and one or more backup domain controllers for resiliency. During login, users authenticate to a domain controller and are granted access to particular resources based on administratively defined policies.

AD Data Structures

Active Directory stores information about network users and resources in a hierarchical structure consisting of domains, trees and forests.

  • A domain - a collection of objects that share the same AD database. A domain is identified by a DNS name like company.com.
  • A tree - a collection of one or more domains with a contiguous namespace.
  • A forest - collection of one or more trees that share a common schema, global catalog, and directory configuration, but aren't part of a contiguous namespace.

Objects within a domain can be grouped into organizational units to simplify administration and policy management.

AD Benefits

  • Security - AD helps businesses improve security by controlling access to network resources.
  • Extensibility - companies can easily organize AD data to align with their organizational structure and business needs.
  • Simplicity - administrators can centrally manage user identities and access privileges across the enterprise, helping businesses simplify management and reduce operating expenses.
  • Resilience - AD supports redundant components and data replication to enable high availability and business continuity.

Obtaining a Host Address: The Dynamic Host Configuration Protocol (DHCP)

Once an organization has obtained a block of addresses, it can assign individual IP addresses to the host and router interfaces in its organization. A system administrator will typically configure the IP addresses of the router interfaces manually (often remotely, with a network management tool). Host addresses can also be configured manually, but typically this is done using the Dynamic Host Configuration Protocol (DHCP). DHCP allows a host to obtain an IP address automatically. A network administrator can configure DHCP so that a given host receives the same IP address each time it connects to the network. In addition to host IP address assignment, DHCP also allows a host to learn additional information, such as its subnet mask, the address of its first-hop router (often called the default gateway), and the address of its local DNS server.

Because of DHCP's ability to automate the network-related aspects of connecting a host to a network, it is often referred to as a plug-and-play or zeroconf protocol.

DHCP is a client-server protocol. A client is typically a newly arriving host that wants to obtain network configuration information, including an IP address for itself. In the simplest case, each subnet has its own DHCP server. If no server is present on the subnet, a DHCP relay agent that knows the address of the DHCP server for that network is needed. The figure below shows a DHCP server attached to subnet 223.1.2/24, with the router serving as the relay agent for arriving clients attached to subnets 223.1.1/24 and 223.1.3/24.

For a newly arriving host, the DHCP protocol is a four-step process.

  • DHCP server discovery. The first task of the newly arriving host is to find a DHCP server with which to interact. This is done using a DHCP discover message, which a client sends within a UDP packet to port 67. The UDP packet is encapsulated in an IP datagram. But to whom should this datagram be sent? The host doesn't even know the IP address of the network to which it is attaching, much less the address of a DHCP server for this network. Given this, the DHCP client creates an IP datagram containing its DHCP discover message along with the broadcast destination IP address of 255.255.255.255 and a "this host" source IP address of 0.0.0.0. The DHCP client passes the IP datagram to the link layer, which then broadcasts this frame to all nodes attached to the subnet.
  • DHCP server offer(s). A DHCP server receiving a DHCP discover message responds to the client with a DHCP offer message that is broadcast to all nodes on the subnet, again using the IP broadcast address of 255.255.255.255. Since several DHCP servers can be present on the subnet, the client may find itself in the enviable position of being able to choose among several offers. Each server offer message contains the transaction ID of the received discover message, the proposed IP address for the client, the network mask, and an IP address lease time - the amount of time for which the IP address will be valid. It is common for the server to set the lease time to several hours or days.
  • DHCP request. The newly arriving client will choose from among one or more server offers and respond to its selected offer with a DHCP request message, echoing back the configuration parameters.
  • DHCP ACK. The server responds to the DHCP request message with a DHCP ACK message, confirming the requested parameters.

[image]

Once the client receives the DHCP ACK, the interaction is complete and the client can use the DHCP-allocated IP address for the lease duration. Since a client may want to use its address beyond the lease's expiration, DHCP also provides a mechanism that allows a client to renew its lease on an IP address.
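The four-step exchange described above, modelled in memory as an added example (not code from the original notes or from Kurose & Ross): a minimal encoder and parser for the DHCP message layout, a server side that answers DISCOVER with OFFER and REQUEST with ACK, and a client side that performs the check a client must make, namely that the transaction ID in each OFFER and ACK matches its own DISCOVER, so that stale or unrelated replies are dropped. All addresses, the MAC address and the transaction ID are constructed sample values; only the subnet 223.1.2/24 is taken from the text.

```python
import struct
# Added example: in-memory model of the four RFC 2131 DHCP messages. Every address,
# the MAC and the transaction ID are constructed sample values, not from the notes.
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5  # values of option 53 (DHCP message type)
MAGIC = b"\x63\x82\x53\x63"                 # cookie separating the fixed header from the options
HDR = "!BBBBIHH4s4s4s4s16s64s128s"          # op htype hlen hops xid secs flags ciaddr yiaddr siaddr giaddr chaddr sname file
UNSPEC = b"\0\0\0\0"                        # 0.0.0.0, the "this host" source address used by the client

def ip(s): return bytes(int(o) for o in s.split("."))
def dotted(b): return ".".join(str(x) for x in b)

def build(op, xid, chaddr, yiaddr, options):
    """Encode one DHCP message: fixed header, magic cookie, TLV options, END (0xff)."""
    hdr = struct.pack(HDR, op, 1, 6, 0, xid, 0, 0x8000, UNSPEC, yiaddr, UNSPEC, UNSPEC,
                      chaddr.ljust(16, b"\0"), b"", b"")  # flags 0x8000: reply by broadcast
    return hdr + MAGIC + b"".join(bytes([t, len(v)]) + v for t, v in options) + b"\xff"

def parse(pkt):
    """Decode the header fields and options into a dict; rejects a missing cookie."""
    f = struct.unpack(HDR, pkt[:236])
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while pkt[i] != 0xFF:                     # walk TLV options up to END
        t, n = pkt[i], pkt[i + 1]
        opts[t] = pkt[i + 2:i + 2 + n]
        i += 2 + n
    return {"op": f[0], "xid": f[4], "yiaddr": f[8], "chaddr": f[11][:6], "opts": opts}

def server(pkt, server_ip, offered_ip, mask, lease_secs):
    """Server side: OFFER in reply to DISCOVER, ACK in reply to REQUEST, echoing the client's xid."""
    m = parse(pkt)
    kind = m["opts"][53][0]
    addr = ip(offered_ip) if kind == DISCOVER else m["opts"][50]   # ACK confirms the requested address
    return build(2, m["xid"], m["chaddr"], addr, [(53, bytes([OFFER if kind == DISCOVER else ACK])),
                 (1, ip(mask)), (51, struct.pack("!I", lease_secs)), (54, ip(server_ip))])

def client(xid, mac, send):
    """Client side: DISCOVER, check the OFFER's xid, REQUEST the offered address, check the ACK."""
    offer = parse(send(build(1, xid, mac, UNSPEC, [(53, bytes([DISCOVER]))])))
    if offer["xid"] != xid or offer["opts"][53][0] != OFFER:
        raise ValueError("offer does not belong to our transaction")   # stale or foreign reply: drop it
    ack = parse(send(build(1, xid, mac, UNSPEC, [(53, bytes([REQUEST])), (50, offer["yiaddr"]),
                                                 (54, offer["opts"][54])])))
    if ack["xid"] != xid or ack["opts"][53][0] != ACK:
        raise ValueError("ack does not belong to our transaction")
    return {"ip": dotted(ack["yiaddr"]), "mask": dotted(ack["opts"][1]),
            "lease": struct.unpack("!I", ack["opts"][51])[0], "server": dotted(ack["opts"][54])}

def demo():
    """Run the handshake against a server on subnet 223.1.2/24 (addresses constructed)."""
    send = lambda pkt: server(pkt, "223.1.2.5", "223.1.2.4", "255.255.255.0", 3600)
    return client(0x654321, bytes.fromhex("00163e123456"), send)
```

The `send` callable stands in for the UDP broadcast to port 67 and the broadcast reply; on a real network the client would keep the same xid check while choosing among several offers.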

From a mobility standpoint, DHCP has one very significant shortcoming. Since a new IP address is obtained from DHCP each time a node connects to a new subnet, a TCP connection to a remote application cannot be maintained as a mobile node moves between subnets.

References

1 - CyberArk, "What is Active Directory?", https://www.cyberark.com/what-is/active-directory/

2 - Kurose, J. F. and Ross, K. W., Computer Networking: A Top-Down Approach, 7th edition