Dell 2321DS manual Domain Controller Computers, Object Classes, 178

Models: 2321DS


Domain Controller Computers

Associated with the Domain hierarchy is the corresponding hierarchy of Domain Controller computers where AD provides LDAP services. Each domain may have multiple peer Domain Controllers and may also be distributed across geographical sites. The suite of Dell Remote Console Switches is designed to support both of these aspects of AD. DNS is used to determine the network coordinates of each Domain Controller so that the Dell Remote Console Switches can gracefully handle situations where some Domain Controllers are not available on the network. DNS SRV records are used for this purpose so the Dell Remote Console Switches always attempt to contact alternative Domain Controllers at the “nearest” site first, depending on the administrative settings configured in the SRV records.
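The SRV-based failover described above can be illustrated with a short example, added here and not taken from Dell's firmware or documentation. It assumes the standard RFC 2782 ordering (lowest priority value first, weighted random choice within a priority); the domain, host names and the `is_reachable` callback are constructed for illustration.

```python
import random
import socket
from collections import namedtuple

Srv = namedtuple("Srv", "priority weight port target")

# Constructed sample: answers for _ldap._tcp.dc._msdcs.corp.example.com
SAMPLE_ANSWERS = [
    Srv(10, 100, 389, "dc3.site-b.corp.example.com"),
    Srv(0, 100, 389, "dc1.site-a.corp.example.com"),
    Srv(20, 0, 389, "dc4.site-c.corp.example.com"),
    Srv(0, 100, 389, "dc2.site-a.corp.example.com"),
]

def order_srv(records, rng=None):
    """Return records in RFC 2782 contact order."""
    rng = rng or random.Random()
    by_priority = {}
    for rec in records:
        by_priority.setdefault(rec.priority, []).append(rec)
    ordered = []
    for priority in sorted(by_priority):          # lower value = preferred
        pool = sorted(by_priority[priority], key=lambda r: r.weight)
        while pool:                               # weighted pick without replacement
            pick = rng.randint(0, sum(r.weight for r in pool))
            running = 0
            for i, rec in enumerate(pool):
                running += rec.weight
                if running >= pick:
                    ordered.append(pool.pop(i))
                    break
    return ordered

def tcp_reachable(host, port, timeout=3.0):
    """Real-network probe; pass a stub instead when running offline."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def pick_controller(records, is_reachable=tcp_reachable, rng=None):
    """Return (chosen, skipped): the first reachable DC and those tried before it."""
    skipped = []
    for rec in order_srv(records, rng):
        if is_reachable(rec.target, rec.port):
            return rec, skipped
        skipped.append(rec)   # worth logging: repeated skips indicate a DC outage
    return None, skipped
```

Returning the skipped controllers alongside the chosen one lets the caller log every failover, which makes an unavailable Domain Controller visible instead of silently masked.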

Object Classes

Within each domain, there is another hierarchy of objects designed to store information about various entities and groupings of entities. These are represented in AD by object classes: some define “containers” that help organize groupings of objects, while other object classes represent entities such as network users, computers, printers, or network services. Two types of container object classes are of special interest: Group and Organizational Unit (OU). These two object classes allow the AD administrator to define groupings of entities in order to simplify the application of access controls and other administrative policies. For example, a domain may be configured to have an OU container named “Engineering” which contains several Group objects named according to function, like “Hardware,” “Software,” and “Support”; each of the groups is configured with a membership list of User objects and perhaps Computer objects. Yet another level of hierarchy can be configured by “nesting” groups; a nesting is formed by including the name of a Group object in the membership of another Group object. Each AD Group object has an associated “scope” that is used to configure the types of nesting relationships it is allowed to have with other groups; for example, when scope is set to “Universal,” the group may participate in nesting that crosses domain boundaries, but when scope is set to “Local” it may not participate in such nesting. Rules for nesting are described in the AD product documentation available from Microsoft. The suite of Dell Remote Console Switches is designed to support all nesting rules defined for AD.

LDAP Feature for the Remote Console Switch
