Microsoft Network Operating System


IT221 Microsoft Network Operating System 1

a. Active Directory Federation Services (AD FS) provides Web single-sign-on (SSO) technologies to authenticate a user to multiple Web applications using a single user account. AD FS accomplishes this by securely federating, or sharing, user identities and access rights, in the form of digital claims, between partner organizations.

b. Organizations that have applications which require a directory for storing application data can use Active Directory Lightweight Directory Services (AD LDS) as the data store. AD LDS runs as a non-operating-system service, and, as such, it does not require deployment on a domain controller. Running as a non-operating-system service allows multiple instances of AD LDS to run concurrently on a single server, and each instance can be configured independently for servicing multiple applications.

c. Active Directory Certificate Services provides customizable services for creating and managing public key certificates used in software security systems employing public key technologies. Organizations can use Active Directory Certificate Services to enhance security by binding the identity of a person, device, or service to a corresponding private key. Active Directory Certificate Services also includes features that allow you to manage certificate enrollment and revocation in a variety of scalable environments. d. Active Directory Rights Management Services (AD RMS) (AD RMS) is information protectiontechnologythat works with AD RMS -enabled applications to help safeguard digital information from unauthorized use. Content owners can define exactly how a recipient can use the information, such as who can open, modify, print, forward, and/or take other actions with the information. Organizations can create custom usage rights templates such as “Confidential – Read Only” that can be applied directly to information such as financial reports, product specifications, customer data, and e-mail messages. 2.

Server Manager is a new feature that is included in Windows Server 2008, which is designed to guide information technology (IT) administrators through the process of installing, configuring, and managing server roles and features that are part of the Windows Server 2008 release. Server Manager is launched automatically after the administrator completes the tasks listed in Initial Configuration Tasks. If the Initial Configuration Tasks window has been turned off, Server Manager is also launched automatically when an administrator logs on to the server.Server Manager replaces a number of features from Microsoft Windows® Server® 2003 such as Manage Your Server, Configure Your Server, and Add or Remove Windows Components. It is composed of the following elements: Initial Configuration Tasks, Add Roles Wizard, Add Role Services Wizard, Add Features Wizard, Remove Roles Wizard, Remove Role Services Wizard, Remove Features Wizard, Role management home pages, Command-line tools 3.

With Windows System Resource Manager for the Windows Server® 2008 R2 operating system, you can manage server processor and memory usage with standard or custom resource policies. Managing your resources can help ensure that all the services provided by a single server are available on an equal basis or that your resources will always be available to high-priority applications, services, or users. Windows System Resource Manager only manages processor resources when the combined processor load is greater than 70 percent. This means that it does not actively limit the resources that can be used by each consumer when processor load is low. When there is contention for processor resources, resource allocation policies help ensure minimum resource availability based on the management profile that you define.


Network Access Protection (NAP) is a feature in Windows Server 2008 that controls access to network resources based on a client computer’s identity and compliance with corporate governance policy. NAP allows network administrators to define granular levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.