{"id":5789,"date":"2025-06-19T14:39:14","date_gmt":"2025-06-19T10:39:14","guid":{"rendered":"https:\/\/jsnet.biz\/?p=5789"},"modified":"2025-07-07T17:02:16","modified_gmt":"2025-07-07T13:02:16","slug":"domen-n%c9%99zar%c9%99tcisi-prinsipidir","status":"publish","type":"post","link":"https:\/\/jsnet.biz\/az\/domen-n%c9%99zar%c9%99tcisi-prinsipidir\/","title":{"rendered":"Domain Controller i\u015f prinsipi"},"content":{"rendered":"<h3 class=\"wp-block-heading\">\ud83c\udfe2 <strong>Domain Controller (DC) n\u0259dir v\u0259 i\u015f prinsipi nec\u0259dir?<\/strong><\/h3>\n\n\n\n<p><strong>Domain Controller (Domen N\u0259zar\u0259t\u00e7isi)<\/strong> \u2014 qu\u015f <strong>Windows Server<\/strong> \u00fcz\u0259rind\u0259 \u00e7al\u0131\u015fan v\u0259 <strong>Active Directory Domain Xidm\u0259tl\u0259ri (AD DS)<\/strong> rolunu da\u015f\u0131yan serverdir. Onun \u0259sas v\u0259zif\u0259si <strong>aliml\u0259rin, komp\u00fcterl\u0259rin v\u0259 dig\u0259r resurslar\u0131n kimlikl\u0259rini idar\u0259 etm\u0259k v\u0259 do\u011frulamaqd\u0131r (autentifikasiya v\u0259 avtorizasiya)<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\udde0 <strong>Domain Controller-in i\u015f prinsipi<\/strong><\/h2>\n\n\n\n<p>Domain Controller kimi i\u015fl\u0259yir:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Aktiv Kataloq (AD)<\/strong> m\u0259lumat bazas\u0131n\u0131 saxlay\u0131r.<\/li>\n\n\n\n<li>\u0130stifad\u0259\u00e7il\u0259r v\u0259 komp\u00fcterl\u0259r domen\u0259 daxil olmaq daxilkd\u0259:\n<ul class=\"wp-block-list\">\n<li>Domen N\u0259zar\u0259t\u00e7isi <strong>yazan\u0131n kimliyini yoxlay\u0131r<\/strong> (identifikasiya).<\/li>\n\n\n\n<li>Onlara <strong>resurslara \u00e7\u0131x\u0131\u015f imkan\u0131<\/strong> t\u0259yin edir (authorization).<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\u0130stifad\u0259\u00e7il\u0259rin, qruplar\u0131n, printerl\u0259rin, siyas\u0259tl\u0259rin (GPO) v\u0259 dig\u0259r obyektl\u0259rin <strong>m\u0259rk\u0259zi idar\u0259sini<\/strong> t\u0259min edir.<\/li>\n\n\n\n<li>Giri\u015f zaman\u0131 <strong>kerberos biletl\u0259ri<\/strong> il\u0259 t\u0259hl\u00fck\u0259sizliy\u0259 dair m\u0259lumat.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Funksiya<\/th><th>\u0130zah\u0131<\/th><\/tr><\/thead><tbody><tr><td><strong>Authentication (Do\u011frulama)<\/strong><\/td><td>\u0130stifad\u0259\u00e7i v\u0259 ya komp\u00fcter domenin\u0259 daxil olaraq onun etimadnam\u0259sini (\u015fifr\u0259, sertifikat v\u0259 s.) yoxlay\u0131r.<\/td><\/tr><tr><td><strong>Authorization (\u0130caz\u0259)<\/strong><\/td><td>Kim\u0259 hans\u0131 resurslara (m\u0259s\u0259l\u0259n, fayl serveri, printer) \u00e7\u0131x\u0131\u015f\u0131 t\u0259yin edir.<\/td><\/tr><tr><td><strong>Siyas\u0259t \u0130dar\u0259etm\u0259si<\/strong><\/td><td>GPO (Group Policy Object) sisteml\u0259r\u0259 siyas\u0259t t\u0259tbiq edir.<\/td><\/tr><tr><td><strong>Replikasiya<\/strong><\/td><td>Bird\u0259n \u00e7ox DC varsa, onlar\u0131n aras\u0131nda Active Directory m\u0259lumatlar\u0131n\u0131 saxlay\u0131r.<\/td><\/tr><tr><td><strong>Kataloq Xidm\u0259tl\u0259ri<\/strong><\/td><td>AD \u00fczr\u0259 \u0259lav\u0259, komp\u00fcter, qrup, OU (t\u0259\u015fkilati vahid) kimi obyektl\u0259ri idar\u0259 edir.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udd04<strong>Domain Controller nec\u0259 i\u015fl\u0259yir? (add\u0131m-add\u0131m n\u00fcmun\u0259)<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">M\u0259s\u0259l\u0259: \u0130stifad\u0259\u00e7il\u0259r komp\u00fcter daxil olmaq ist\u0259yirl\u0259r<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Ctrl+Alt+Del \u2192 Giri\u015f ekran\u0131<\/strong><\/li>\n\n\n\n<li>\u0130stifad\u0259\u00e7i elanlar\u0131 v\u0259 m\u0259lumatlar daxil edilir.<\/li>\n\n\n\n<li>Domain Controller-\u0259 g\u00f6nd\u0259rin.<\/li>\n\n\n\n<li>Domen N\u0259zar\u0259t\u00e7isi:\n<ul class=\"wp-block-list\">\n<li>AD-d\u0259 qeydiyyat\u0131n\u0131 yoxlay\u0131r.<\/li>\n\n\n\n<li>\u015eifr\u0259ni t\u0259sdiql\u0259yir.<\/li>\n\n\n\n<li>GPO-lar\u0131 t\u0259dbirdir.<\/li>\n\n\n\n<li>istifad\u0259\u00e7iy\u0259 giri\u015f \u00fc\u00e7\u00fcn <strong>Kerberos bileti<\/strong> t\u0259klif edir\u0259m.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\u0130stifad\u0259\u00e7i domen resurslar\u0131na (fayl server, printer v\u0259 s.) \u00e7\u0131x\u0131\u015f \u0259ld\u0259 edir.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Nov<\/th><th>T\u0259sviri<\/th><\/tr><\/thead><tbody><tr><td><strong>\u018fsas Domen N\u0259zar\u0259t\u00e7isi (PDC)<\/strong><\/td><td>\u018fvv\u0259ll\u0259r \u0259sas DC idi (NT d\u00f6n\u0259ml\u0259rind\u0259). \u0130ndi FSMO rollar\u0131ndan biridir.<\/td><\/tr><tr><td><strong>Yaln\u0131z Oxumaq \u00dc\u00e7\u00fcn Domen N\u0259zar\u0259t\u00e7isi (RODC)<\/strong><\/td><td>Yaln\u0131z oxumaq \u00fc\u00e7\u00fcn n\u00fcsx\u0259dir \u2013 daha az s\u0259m\u0259r\u0259li \u015f\u0259raitd\u0259 (m\u0259s\u0259l\u0259n, filial ofisl\u0259rind\u0259) istifad\u0259 olunur.<\/td><\/tr><tr><td><strong>\u018flav\u0259 DC<\/strong><\/td><td>\u018fsas DC-y\u0259 \u0259lav\u0259 olaraq ba\u015fqa serverl\u0259rd\u0259 qura\u015fd\u0131r\u0131l\u0131r \u2013 y\u00fck payla\u015f\u0131m\u0131 v\u0259 redundans \u00fc\u00e7\u00fcn.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\uddf1<strong>Domain Controller tipl\u0259ri<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Nov<\/th><th>T\u0259sviri<\/th><\/tr><\/thead><tbody><tr><td><strong>\u018fsas Domen N\u0259zar\u0259t\u00e7isi (PDC)<\/strong><\/td><td>\u018fvv\u0259ll\u0259r \u0259sas DC idi (NT d\u00f6n\u0259ml\u0259rind\u0259). \u0130ndi FSMO rollar\u0131ndan biridir.<\/td><\/tr><tr><td><strong>Yaln\u0131z Oxumaq \u00dc\u00e7\u00fcn Domen N\u0259zar\u0259t\u00e7isi (RODC)<\/strong><\/td><td>Yaln\u0131z oxumaq \u00fc\u00e7\u00fcn n\u00fcsx\u0259dir \u2013 daha az s\u0259m\u0259r\u0259li \u015f\u0259raitd\u0259 (m\u0259s\u0259l\u0259n, filial ofisl\u0259rind\u0259) istifad\u0259 olunur.<\/td><\/tr><tr><td><strong>\u018flav\u0259 DC<\/strong><\/td><td>\u018fsas DC-y\u0259 \u0259lav\u0259 olaraq ba\u015fqa serverl\u0259rd\u0259 qura\u015fd\u0131r\u0131l\u0131r \u2013 y\u00fck payla\u015f\u0131m\u0131 v\u0259 redundans \u00fc\u00e7\u00fcn.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udd10 <strong>Kerberos protokolu il\u0259 Domain Controller<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Domain Controller istifad\u0259\u00e7isi <strong>Kerberos protokolu<\/strong> il\u0259 autentifikasiya edir.<\/li>\n\n\n\n<li>Bu, ba\u011flanm\u0131\u015f, onlarla i\u015fl\u0259y\u0259n sistemdir v\u0259 <strong>t\u0259hl\u00fck\u0259siz giri\u015f<\/strong> imkan\u0131 yarad\u0131r.<\/li>\n\n\n\n<li>istifad\u0259\u00e7il\u0259r v\u0259 xidm\u0259tl\u0259r aras\u0131nda <strong>bir d\u0259f\u0259 giri\u015f (Single Sign-On \u2013 SSO)<\/strong> m\u00fcmk\u00fcnd\u00fcr.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udcca <strong>Domain Controller- vacibliyi<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>S\u0259b\u0259b<\/th><th>\u0130zah<\/th><\/tr><\/thead><tbody><tr><td><strong>M\u0259rk\u0259zl\u0259\u015fmi\u015f idar\u0259<\/strong><\/td><td>B\u00fct\u00fcn istifad\u0259 v\u0259 resurslar\u0131 bir yerd\u0259n idar\u0259 etm\u0259k imkan\u0131 verir.<\/td><\/tr><tr><td><strong>T\u0259hl\u00fck\u0259sizlik<\/strong><\/td><td>Siyas\u0259tl\u0259rin t\u0259tbiqi v\u0259 autentifikasiyas\u0131n\u0131n m\u0259rk\u0259zi \u015f\u0259kild\u0259 h\u0259yata ke\u00e7irilir.<\/td><\/tr><tr><td><strong>Audit v\u0259 loglama<\/strong><\/td><td>Kim n\u0259 zaman daxil olub, n\u0259 edib \u2013 ham\u0131s\u0131 qeyd olunur.<\/td><\/tr><tr><td><strong>Miqyaslanma<\/strong><\/td><td>Bird\u0259n \u00e7ox DC il\u0259 b\u00f6y\u00fck infrastrukturda i\u015fl\u0259m\u0259k m\u00fcmk\u00fcnd\u00fcr.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83e\uddea <strong>N\u00fcmun\u0259 ssenari<\/strong><\/h2>\n\n\n\n<p>Bird\u0259 100 komp\u00fcter v\u0259 200 istifad\u0259\u00e7i var. Domen N\u0259zar\u0259t\u00e7isi:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>H\u0259r bir \u015f\u0259xs \u00f6z elan\u0131 il\u0259 daxil olur.<\/li>\n\n\n\n<li>Komp\u00fcterl\u0259r\u0259 GPO antivirus, masa\u00fcst\u00fc ikonlar\u0131 v\u0259 etibarl\u0131 parametrl\u0259ri t\u0259yin olunur.<\/li>\n\n\n\n<li>F\u0259rqli \u015f\u00f6b\u0259l\u0259r \u00fc\u00e7\u00fcn printer v\u0259 fayl \u00e7\u0131x\u0131\u015flar\u0131 m\u0259hdudla\u015fd\u0131r\u0131l\u0131r.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">\ud83d\udccc <strong>N\u0259tic\u0259<\/strong><\/h2>\n\n\n\n<p><strong>Domen N\u0259zar\u0259t\u00e7isi<\/strong>, Windows \u015f\u0259b\u0259k\u0259 m\u00fchitind\u0259 <strong>giri\u015fl\u0259rin, icaz\u0259l\u0259rin v\u0259 resurslar\u0131n m\u0259rk\u0259zi v\u0259 t\u0259hl\u00fck\u0259sizlik idar\u0259sini<\/strong> t\u0259min ed\u0259n <strong>\u0259sas server roludur<\/strong>.<br>\u0130T infrastrukturunun <strong>\u00fcr\u0259yi<\/strong> rolunu oynay\u0131r \u2013 v\u0259 olmadan domen \u0259sasl\u0131 idar\u0259etm\u0259 m\u00fcmk\u00fcn deyil.<\/p>","protected":false},"excerpt":{"rendered":"<p>Domain Controller i\u015f prinsipi<\/p>","protected":false},"author":1,"featured_media":5790,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,19],"tags":[179,174,182,173],"class_list":["post-5789","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-computing","category-managed-it-support","tag-cybersecurity","tag-netadmin-2","tag-networking-2","tag-sysadm"],"_links":{"self":[{"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/posts\/5789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/comments?post=5789"}],"version-history":[{"count":0,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/posts\/5789\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/media\/5790"}],"wp:attachment":[{"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/media?parent=5789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/categories?post=5789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jsnet.biz\/az\/wp-json\/wp\/v2\/tags?post=5789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}