Active Directory Domain Services (AD DS)
Lesson 1

Active Directory Overview

By Sai Kurada
September 04, 2023

Active Directory (AD) is a directory service developed by Microsoft for use in a Windows environment. It is a centralized database that stores information about network resources (such as computers, servers, printers, users, and groups) within a network and allows administrators to manage and organize this information.

Key Concepts and Components in Active Directory:

  1. Domain: A domain is a logical grouping of network objects (computers, users, printers, etc.) within a network. It is used to organize and manage these resources. Each domain has a unique name within the network.
  2. Domain Controller: This is a server that runs the Active Directory services. It stores a copy of the Active Directory database and authenticates users and computers in the domain.
  3. Forest: A forest is a collection of one or more domains that share a common schema, configuration, and global catalog. It is the highest level of organization in Active Directory.
  4. Tree: A tree is a collection of one or more domains in a contiguous namespace. It consists of a root domain and one or more child domains.
  5. Organizational Unit (OU): OUs are containers within a domain that are used to organize and manage objects. They provide a way to apply policies, deploy software, and delegate administrative tasks.
  6. User Account: A user account represents a user in the network. It contains information such as username, password, and group membership.
  7. Group: A group is a collection of users, computers, or other groups. It simplifies the process of assigning permissions and rights to multiple objects at once.
  8. Group Policy: Group Policy is a set of rules and configurations that can be applied to users and computers within a domain. It allows administrators to control various aspects of the system's behavior.
  9. LDAP (Lightweight Directory Access Protocol): LDAP is the protocol used to communicate with Active Directory. It is a standardized way of accessing and querying directory services.
  10. Global Catalog: The global catalog is a special type of domain controller that contains a partial replica of all objects in the forest. It is used for searching and locating objects in a multi-domain environment.
  11. Trust Relationship: Trusts are established between domains to allow users from one domain to access resources in another domain. Trusts can be one-way or two-way.
  12. Schema: The schema defines the structure of the objects stored in Active Directory. It specifies the attributes and classes that can be used to define objects.
  13. Replication: Active Directory uses a replication mechanism to ensure that changes made in one domain controller are propagated to all other domain controllers within the domain.
  14. Security Identifier (SID): A SID is a unique identifier assigned to each security principal (user, group, computer) in Active Directory. It is used to control access and permissions.
  15. Kerberos Authentication: Active Directory uses the Kerberos protocol for secure authentication. It provides a way for users and services to prove their identity to the system.

Active Directory plays a crucial role in the management and security of a Windows-based network. It provides a centralized and organized way to manage resources and control access to them.