Microsoft Active Directory Overview
- Active Directory overview
- Active Directory components
1. Active Directory Overview
Active Directory is a centralized database that stores user accounts, group objects, workstation objects, security information, and more. It offers several benefits, including:
- Centralized resources and security administration: Administrators can manage and secure network resources and associated security objects from a single point, the Active Directory database.
- Single logon for access to global resources: Once a user is created on a domain controller, they can access any resource on the network they have been granted access to from any computer on the network.
- Simplified resource location: Active Directory allows files and print resources to be published on the network, simplifying access to these resources. Users can search the Active Directory database and securely access the desired resource.
2. Active Directory Components
An Active Directory implementation includes the following components:
| Component | Description |
| --- | --- |
| Trees and Forests | Multiple domains are organized in the following relationship: A tree is a group of related domains that share the same contiguous DNS namespace. A forest is a collection of related domain trees, establishing relationships between trees with different DNS namespaces. |
| Domain | A domain is an administratively defined collection of network resources sharing a common directory database and security policies. Important characteristics of a domain include: Database information is replicated within a domain. Security settings are not shared between domains. Each domain maintains its own set of relationships with other domains. Domains are identified using DNS names, including the common domain name and the top-level DNS domain name. |
| Organizational Unit (OU) | An OU is a container object that subdivides and organizes network resources within a domain. Key features of an OU include: It can contain other OUs or leaf objects such as users, computers, and printers. It simplifies security administration and logically organizes network resources. |
| Built-In Containers | Generic built-in containers are used to organize Active Directory objects. They have the following characteristics: They are created by default and cannot be created, moved, renamed, or deleted. They have limited editable properties. |
| Objects | Objects represent resources within Active Directory and include users, groups, and computers. Important information about objects: Each object has attributes that provide details about the object itself, such as a user’s name, phone number, and email address. DNS is used for locating and naming objects. Container objects hold other objects, including other containers or leaf objects. |
| Domain Controller | A domain controller is a Windows server that stores a copy of the Active Directory database. Key points about domain controllers: A domain controller is a member of only one domain. Multiple domain controllers can exist within a domain, each holding a copy of the Active Directory database. Any domain controller can make changes to the Active Directory database. Replication ensures changes made to the Active Directory database are copied between all domain controllers in the domain. |
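
The tree and forest definitions in the table above, as an added example that is not part of the original page: it groups the domain DNS names of one forest into trees by contiguous DNS namespace. The domain names are constructed sample values and the function names are hypothetical.

```python
from collections import defaultdict


def parent_of(domain):
    """Return the DNS parent of a name: 'eu.corp.example' -> 'corp.example'."""
    _, _, parent = domain.partition(".")
    return parent


def tree_root(domain, domains):
    """Walk up one DNS label at a time while the immediate parent is also a
    domain in the forest. The name where the walk stops is the tree root."""
    current = domain
    while parent_of(current) in domains:
        current = parent_of(current)
    return current


def group_into_trees(domain_names):
    """Group a forest's domains into trees (contiguous DNS namespaces).

    Comparison is per DNS label, not by string suffix, so 'notcorp.example'
    is never mistaken for a child of 'corp.example'.
    """
    domains = {d.strip().rstrip(".").lower() for d in domain_names}
    trees = defaultdict(list)
    for name in domains:
        trees[tree_root(name, domains)].append(name)
    # Order each tree root-first (fewest labels), then alphabetically.
    return {
        root: sorted(members, key=lambda n: (n.count("."), n))
        for root, members in sorted(trees.items())
    }


# Constructed sample forest: two trees with different DNS namespaces.
SAMPLE_FOREST = [
    "corp.example",
    "eu.corp.example",
    "sales.eu.corp.example",
    "US.corp.example.",
    "partner.test",
    "lab.partner.test",
]

if __name__ == "__main__":
    for root, members in group_into_trees(SAMPLE_FOREST).items():
        print(f"tree {root}: {', '.join(members)}")
```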