Active Directory (AD):

is a directory service that Microsoft developed for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services.[1][2] Initially, Active Directory was only in charge of centralized domain management. Starting with Windows Server 2008, however, Active Directory became an umbrella title for a broad range of directory-based identity-related services.[3]

A server running Active Directory Domain Services (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user.[4] Also, it allows management and storage of information at admin level and provides authentication and authorization mechanisms and a framework to deploy other related services (AD Certificate Services, AD Federated Services, etc.).[5]

Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft’s version of Kerberos, and DNS.

Active Directory features include:

  • Support for the X.500 standard for global directories
  • The capability for secure extension of network operations to the Web
  • A hierarchical organization that provides a single point of access for system administration (management of user accounts, clients, servers, and applications, for example) to reduce redundancy and errors
  • An object-oriented storage organization, which allows easier access to information
  • Support for the Lightweight Directory Access Protocol (LDAP) to enable inter-directory operability
  • Designed to be both backward compatible and forward compatible

Source: techtarget & wiki


Hire Us Today!