DNS: Domain Name Server
What DNS
Does:
When you type a website address (like www.google.com) into
your browser, your computer doesn’t understand that name directly. It needs the
IP address (like 142.250.190.68) of the server hosting that website. DNS
translates the human-friendly domain name into the machine-friendly IP address.
How DNS
Works (Step-by-Step):
·
User enters a URL – e.g., www.example.com
·
DNS resolver (usually provided by your ISP or a
service like Google or Cloudflare) checks if it already knows the IP.
·
If not, it queries the root DNS servers to find
the right Top-Level Domain (TLD) server (for .com, .org, etc.).
·
The TLD server points to the authoritative DNS
server for example.com.
·
That server responds with the IP address of the
web server.
·
The resolver sends that IP back to your
computer, which connects to the site.
Why DNS Is
Important:
- Usability: People remember
names better than numbers.
- Scalability: Allows websites
to change IPs without changing their names.
- Security: Systems like DNSSEC
help validate DNS responses to prevent spoofing.
- Performance: Caching speeds
up future lookups.
Key Terms:
- DNS Resolver: The service
that finds the IP for a domain.
- Root Servers: The starting
point of DNS lookups.
- TLD Servers: Handle domains
like .com, .org, etc.
- Authoritative DNS Server:
Holds the actual IP info for a domain.
- DNS Cache: Stores past
lookups to speed up future visits.
What is
DHCP?
DHCP
stands for Dynamic Host Configuration Protocol.
It’s a protocol used to automatically assign IP addresses and other
network settings to devices on a network.
What Does
DHCP Do?
When you
connect a device (like a phone, laptop, or printer) to a network, DHCP
automatically gives it:
- An IP address
- A subnet mask
- A default gateway
- DNS server information
Without
DHCP, you'd have to set all these values manually for each device.
DHCP: Dynamic Host Configuration Protocol
How DHCP
Works (Step-by-Step):
1. Discovery
The device
says:
🗣️ “Hey, any DHCP server out there?”
(It broadcasts a DHCP DISCOVER message.)
2. Offer
A DHCP
server replies:
🎁 “Here’s an IP you can use!”
(It sends a DHCP OFFER.)
3. Request
The device
says:
🙏 “I’d like to use that IP, please.”
(It sends a DHCP REQUEST.)
4. Acknowledgment
The server
confirms:
✅ “That IP is
now yours.”
(It sends a DHCP ACK.)
Now the
device is fully configured and ready to use the network!
Lease Time
The IP
address is given for a limited time, called a lease (e.g., 24 hours).
When the lease expires, the device can:
- Renew the lease
- Or get a new IP address
Example
You connect
your laptop to Wi-Fi.
Without doing anything, your laptop gets:
- IP: 192.168.1.45
- Subnet: 255.255.255.0
- Gateway: 192.168.1.1
- DNS: 8.8.8.8
All thanks
to DHCP.
Why DHCP is
Useful
- ✅ No manual setup
- ⚠️ Avoids IP conflicts
- 📈 Scales easily
(good for homes, offices, hotels, etc.)
- 🔁 Centralized
control for network administrators
DC: Domain
Controller
A Domain
Controller (DC) is a server that manages network security and
user access in a Windows domain environment. It’s a central
authority that handles authentication and authorization in networks using Active
Directory (AD).
What is a Domain Controller?
A Domain
Controller is a server that:
- Authenticates users when they log
in (e.g., verifies username and password)
- Enforces security policies
- Manages computers, users, and
groups in the domain
- Provides access control to shared
resources
It runs Active
Directory Domain Services (AD DS), which is Microsoft's directory service.
What It
Does:
- Authentication
- Verifies who the user is
- Controls who can log in
and from where
- Authorization
- Decides what the user can
do (files, printers, apps, etc.)
- Central Management
- Admins can manage all
users and computers from one place
- Policy Enforcement
- Uses Group Policy
to control user settings, app access, security, etc.
Example
Scenario:
You're in a
company called Contoso:
- You log into a PC with your
username: john@contoso.com
- The PC contacts the Domain
Controller
- The DC checks your password and
permissions
- If approved, it logs you in and
applies company policies
Key
Concepts:
|
Term |
Description |
|
Domain |
A group of
computers/users managed as a unit |
|
Active
Directory (AD) |
The
database storing user accounts, groups, policies |
|
Group
Policy |
Set of
rules pushed from DC to user computers |
|
Kerberos |
The
protocol used by AD for authentication |
|
LDAP |
Protocol
used to access and manage directory info |
Why Domain
Controllers Matter:
- Security: Centralized login
and access control
- Efficiency: Easy to manage
users and devices
- Scalability: Works well in
small offices or large enterprises
- Redundancy: You can have multiple
DCs for failover and load balancing
AD DS:
-Active Directory Domain Services
What is AD
DS?
AD DS stands for
Active Directory Domain Services.
It is a core service in Microsoft’s Active Directory that enables
centralized management of users, computers, and resources on a network.
What Does
AD DS Do?
AD DS is
the directory service that:
- Stores information about users,
groups, computers, printers, etc.
- Authenticates users
when they log in
- Helps enforce security
policies across the network
- Enables single sign-on
(SSO) so users log in once and access many resources
Think of AD
DS Like a Company Directory
It keeps
track of:
- Who works here (users)
- Their job roles (groups)
- What computers they use
- What they’re allowed to access
- Where things are
(organizational structure)
AD DS Key
Components:
|
Component |
Description |
|
Domain |
A logical
group of network objects (users, computers, etc.) |
|
Domain
Controller (DC) |
The
server that runs AD DS and manages domain security |
|
Forest |
A
collection of one or more domains that share a common schema |
|
Organizational
Units (OUs) |
Containers
used to organize users and resources |
|
Group
Policy |
Used to
control settings and behavior of users and computers |
|
Schema |
Defines
what kinds of objects can exist in the directory and their properties |
How It
Works (Simplified):
1. A user logs
in to their computer
2. The
computer contacts a Domain Controller
3. AD DS
checks the user’s credentials
4. If correct,
it logs them in and applies policies
5. The user
can now access network resources like printers, shared folders, or applications
Why Use AD
DS?
- ✅ Centralized
management
- 🔐 Secure
authentication
- 🔁 Policy
enforcement across all users/devices
- 👥 Scalable
for small to large organizations
Example Use
Case:
A school
uses AD DS:
- Students and teachers have
accounts
- Each group has access to
specific folders and printers
- IT can manage all users and
policies from one server
Microsoft
Exchange
What is
Microsoft Exchange?
Microsoft
Exchange is a mail server and collaboration platform
developed by Microsoft. It’s used by businesses and organizations to manage:
- Email
- Calendars
- Contacts
- Tasks
- Shared mailboxes
It’s the backend
system for Microsoft Outlook and other mail clients in an organization.
Think of
Exchange Like a Mailroom + Calendar Manager
It handles:
- Delivering email messages
- Storing mailboxes
- Synchronizing calendar events
- Managing contact lists
- Enabling shared scheduling
between users
Key
Components of Exchange:
|
Component |
Description |
|
Mailbox
Server |
Stores
user mailboxes and handles mail delivery |
|
Client
Access Services |
Lets
users connect via Outlook, web, or mobile |
|
Transport
Services |
Routes
and delivers email across the network |
|
Exchange
Admin Center (EAC) |
Web-based
UI to manage mailboxes and settings |
|
Outlook
Web Access (OWA) |
Web-based
version of Outlook email and calendar |
Versions of
Exchange:
1. Exchange
Server – On-premises version installed on your own servers
2. Exchange
Online – Cloud version hosted by Microsoft as part of Microsoft
365
3. Hybrid
Exchange – Combines on-premises and cloud-based Exchange
Features of Exchange:
- ✅ Business-class
email
- 🔐 Built-in
anti-spam and antivirus
- 📅 Shared
calendars & scheduling
- 🧑🤝🧑 Delegated
access and shared mailboxes
- 📱 Mobile
device support
- 📁 Email
retention policies and compliance tools
How It
Works (Simplified):
1. A user
sends an email from Outlook.
2. The message
goes to the Exchange server.
3. Exchange routes
the message to the recipient (inside or outside the organization).
4. The
recipient’s email client (Outlook, mobile app, etc.) downloads it.
Why
Businesses Use Exchange:
- Centralized email and
calendar management
- Integration with Active
Directory
- Better security and data
compliance
- Scalable for
small teams or large enterprises
What is
RADIUS
What is
RADIUS?
RADIUS stands for
Remote Authentication Dial-In User Service.
It’s a network protocol used to authenticate, authorize,
and account (often abbreviated as AAA) for users who connect and
use a network.
What Does
RADIUS Do?
RADIUS is
commonly used by organizations to:
- Authenticate users
before they access a network (like Wi-Fi or VPN)
- Authorize what
services or access they get
- Account for
what users do (like session duration or data usage)
How RADIUS Works
(Simplified Flow):
Let’s say a
user tries to connect to a company’s secure Wi-Fi:
1. Access
Request
The user enters their username and password on a Wi-Fi login page.
2. Request
Sent to RADIUS Server
The access point (router or switch) sends the credentials to the RADIUS
server.
3. Authentication
The RADIUS server checks the credentials against a user database (like
Active Directory or LDAP).
4. Authorization
If the login is valid, RADIUS checks what level of access the user has (e.g.,
full access, guest network, etc.).
5. Access
Granted or Denied
The RADIUS server tells the network device whether to allow or deny access.
6. Accounting
(Optional)
RADIUS can track user activity, like how long they stayed connected or how much
data they used.
Key
Concepts:
|
Term |
Description |
|
AAA |
Authentication,
Authorization, Accounting |
|
RADIUS
Server |
The
system that validates login requests |
|
NAS
(Network Access Server) |
The
router, switch, or firewall that forwards login requests to RADIUS |
|
User
Database |
Where
usernames and passwords are stored (e.g., Active Directory) |
Where
RADIUS is Used:
- Corporate Wi-Fi networks
(secure login)
- VPNs (remote access
authentication)
- ISP dial-in services
- University campus networks
- Guest access portals with
login requirements
Why RADIUS
Matters:
- ✅ Secure network
access
- 🔁 Centralized
login management
- 🧑🤝🧑 Integrates
with existing user directories
- 📊 Tracks
user activity for compliance and billing
IIS – Internet Information Services
What is
IIS?
IIS stands for
Internet Information Services.
It is a web server software created by Microsoft that runs on Windows
Server and is used to host websites, web applications, and services.
What Does
IIS Do?
IIS is
responsible for:
- Serving web pages
(HTML, CSS, JavaScript)
- Running web applications
(e.g., ASP.NET apps)
- Handling HTTP/HTTPS
requests from browsers
- Supporting FTP, SMTP,
and other protocols (optional features)
- Hosting REST APIs, SOAP
services, and more
Key
Features of IIS:
|
Feature |
Description |
|
HTTP/HTTPS
Support |
Delivers
secure web content to users |
|
ASP.NET
Integration |
Runs
.NET-based web applications |
|
Authentication
& Authorization |
Controls
who can access what |
|
Logging
& Monitoring |
Tracks
visits, errors, and usage |
|
SSL
Certificates |
Supports
secure connections via HTTPS |
|
FTP
Hosting |
Can serve
files via FTP (optional) |
|
Modular
Design |
Add/remove
features like caching, compression, etc. |
How IIS
Works (Simplified):
1. A user
enters www.example.com in their browser.
2. The browser
sends a request to the IIS web server.
3. IIS
receives the request and processes it (maybe using ASP.NET or PHP).
4. IIS sends
back the webpage or data to the user’s browser.
Common Use
Cases:
- Hosting corporate websites
- Running intranet portals
- Powering ASP.NET
applications
- Serving RESTful APIs
- Providing web services
for mobile apps
Why Use IIS?
- ✅ Deep integration with Windows
Server
- 🔐
Built-in security features (like Windows Authentication)
- ♻️ Scalable for
small and enterprise deployments
- 🧰
GUI-based management (via IIS Manager) and PowerShell scripting
IIS vs
Other Web Servers:
|
Server |
Platform |
Common
Use |
|
IIS |
Windows |
.NET/ASP.NET
apps |
|
Apache |
Cross-platform |
PHP/web
hosting |
|
Nginx |
Cross-platform |
High-performance/reverse
proxy |
RAS – Remote Access Service
What is RAS?
RAS
stands for Remote Access Service.
It is a Windows-based service
that allows users to remotely connect to a private network (like a
company's internal network) over the internet or phone lines.
What Does RAS Do?
RAS allows users to:
·
Log in to their work
network from outside the office
·
Access shared
files, printers, and internal systems
·
Use company
resources as if they were physically on-site
It's especially useful for:
·
Remote workers
·
Traveling
employees
·
IT administrators
How RAS Works (Simplified):
1. A user at home opens a remote access connection
(like VPN or dial-up).
2. The computer connects to the RAS server via the
internet or phone line.
3. The RAS server:
o Authenticates
the user (username/password or certificates)
o Authorizes
the connection
4. Once connected, the user can securely access the
network.
RAS Components:
|
Component |
Description |
|
RAS Server |
The system that accepts and manages
remote connections |
|
RAS Client |
The user device connecting to the
network remotely |
|
Authentication Protocols |
Verifies the user's identity (e.g.,
PAP, CHAP, MS-CHAP) |
|
Communication Links |
Dial-up, VPN, ISDN, or internet
connections |
RAS in Windows:
In Windows Server environments, RAS
is part of:
·
RRAS (Routing and
Remote Access Service)
RRAS provides:
·
VPN functionality
·
NAT (Network
Address Translation)
·
LAN routing
·
Remote user access
Real-World Use Case:
A sales employee on a business trip
needs to:
·
Access the
company’s CRM
·
View files on a
shared drive
·
Use internal apps
They connect via RAS (usually using a
VPN), and work just like they're in the office.
Related Technologies:
|
Term |
Purpose |
|
VPN |
Encrypts and secures remote network
access |
|
RADIUS |
Often used with RAS for
authentication |
|
IIS |
Used to host internal web apps the
RAS users might access |
