Active Directory service provides a single point of network resource management, allowing you to add, remove, and relocate users and resources easily.

Active Directory is software created by Microsoft, based on Novell EDirectory and using modified versions of existing protocols and services that provides a variety of network services, including:
  • Lightweight Directory Access Protocol (LDAP) is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.
  • Kerberos-based authentication
  • DNS-based naming and other network information
  • Central location for network administration and delegation of authority
  • Information security and single sign-on for user access to networked based resources
  • The ability to scale up or down easily
  • Central storage location for application data
  • Synchronization of directory updates amongst several servers
Active Directory also allows administrators to assign policies, deploy software, and apply critical updates to an organization. Active Directory stores information and settings in a central database.
Active Directory was previewed in 1999, released first with Windows 2000 Server edition, and revised to extend functionality and improve administration in Windows Server 2003. Additional improvements were made in Windows-Server 2003 R2. Active Directory was refined further in Windows Server 2008 and Windows Server 2008 R2and was renamed Active Directory Domain Services.
Active Directory was called NTDS (NT Directory Service) in older Microsoft documents. This name can still be seen in some Active Directory binaries.
 
Active Directory Component
Various Active Directory components are used to build a directory structure. Active Directory completely separates the logical structure from the physical structure.
Active Directory components represent logical structures: - Domains, Organizational Units (OUs), Trees & Forests.
Active Directory components represent physical structures: - Sites (physical subnets) and Domain Controllers
In Active Directory, you organize resources in a logical structure-a structure that mirrors organizational models using domains, OUs, trees, and forests. Grouping resources logically allows you to easily find a resource by its name rather than by remembering its physical location. Because you group resources logically.
Domains
The core unit of logical structure in Active Directory is the domain, which can store millions of objects. It is group of network components and it is logical collection of users and computers. It enables to organize object in a single logical object different polices can be apply on this object to set its behave it also provide security bounding and provides centralized management of network so it is domain.
Domain controller is a collection of users and computers where then domain controller provide a common security for each client.
Trusting Domain -It contain the resource.
Trusted Domain - It contain the user.
OU (Organizational Unit)
An OU is a container used to organize objects within a domain into a logical administrative group. OU is collection of active directory object that contain domain other OU's users and computer account it is type of container which is used to organize the police can be applied on OU.
Tree
Tree is collection of domain which has contiguous linking of domain and the share common name space. There can be trust relationship between them which is generally transitive in nature. A tree is a grouping or hierarchical arrangement of one or more Windows Server 2003 domains that you create by adding one or more child domains to an existing parent domain.
Forest
The forest links multiple domain trees the first tree in the forest is called root tree. A forest is a grouping or hierarchical arrangement of one or more separate, completely independent domain trees. As such, forests have the following characteristics:
  • All domains in a forest share a common schema.
  • All domains in a forest share a common global catalog.
  • All domains in a forest are linked by implicit two-way transitive trusts.
  • Trees in a forest have different naming structures, according to their domains.
  • Domains in a forest operate independently, but the forest enables communication across the entire   organization.
Physical Structures
The physical components of Active Directory are sites and domain controllers.
Sites :- A site is a combination of one or more IP subnets connected by a highly reliable and fast link to localize as much network traffic as possible. Site is collection of the subnet in active directory. It represents geographically separated network or subnet. It is replication bounding.
Domain Controllers :- Domain Controller is the power full computer running as a server family operating system. He has some additional power to control the client. A domain controller is a computer running Windows Server 2003 that stores a replica of the domain directory (local domain database). Because a domain can contain one or more domain controllers, each domain controller in a domain has a complete replica of the domain's portion of the directory.
 
Active Directory Object
An Active Directory structure is a hierarchical framework of objects. The data stored in Active Directory, such as information about users, printers, servers, databases, groups, computers, and security policies, is organized into objects. The objects fall into two broad categories:- resources (e.g., printers) and security principals (user or computer accounts and groups). Security principals are Active Directory objects that are assigned unique security identifiers (SIDs) used to control access and set security.
         An object is a distinct named set of attributes that represents a network resource. Object attributes are characteristics of objects in the directory. For example, the attributes of a user account object might include the user's first name, last name, and logon name, while the attributes of a computer account object might include the computer name and description
  • All objects stored in Windows Server 2003's Active Directory Database will have the following attributes attached.

Additional information

Commentics

<p>Currently under general maintenance.</p><p>Please check back shortly. Thanks.</p>