Active Directory is Microsoft's directory service: it allows information to be stored, classified, and retrieved as part of network administration. Active Directory is a database of objects that stores, organizes, and enables access to other objects or users. Active Directory also provides important network services such as DNS and Kerberos-based authentication.
The structure of Active Directory resembles a pyramid, with the “forest” at the top of the structure. A tree is formed by a collection of domains and sub-domains. The domain is the core of a Windows network and provides an administrative boundary. The domain created at the top of the directory is known as “the root”. Any domains underneath it are referred to as “child domains”.
A domain controller is a member server that stores a copy of all the data of the objects within the domain. Domain controllers are crucial, as they manage requests for changes to the database. The information is replicated on all other domain controllers in the domain. When a server joins the domain, by default, it’s called a “standalone member server.” To promote a member server to a domain controller, the Active Directory installation wizard, DCPROMO.EXE, is used. Once a server becomes a domain controller, multi-master replication is performed, meaning that all domain controllers work together in a peer relationship to update information.
Organizational units are used within a domain to group similar objects, such as users, groups, or computers. They are used to minimize the number of domains. Sites within Active Directory, by contrast, are based on IP subnets.
Authentication can be achieved by using Kerberos. Kerberos is preferred, as it provides security and authentication. Authentication can also be achieved by using New Technology LAN Manager (NTLM) authentication for non-domain members and trusts.
Trusts are very important in the directory. When a new domain is added to a forest, trust relationships are configured automatically. Trusts are commutative two-way trusts: if domain X trusts domain Y, then the reverse is automatically true. Trusts are also automatically transitive: if domain X trusts domain Z, and domain Y trusts domain Z, then domains X and Y automatically trust one another.
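The two-way, transitive behaviour described above can be modelled as a graph to see how far a single direct trust reaches. This is an added example, not code from the original page or from Microsoft; the domain names and function names are hypothetical, and it models only the automatic two-way transitive trusts inside one forest.

```python
from collections import deque

# Constructed sample forest: each pair is one direct trust created
# automatically when a domain was added (hypothetical domain names).
DIRECT_TRUSTS = [
    ("corp.example", "eu.corp.example"),
    ("corp.example", "us.corp.example"),
    ("eu.corp.example", "lab.eu.corp.example"),
]

def build_graph(direct_trusts):
    """Two-way trusts: every pair becomes an edge in both directions."""
    graph = {}
    for a, b in direct_trusts:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def trust_path(graph, source, target):
    """Shortest chain of direct trusts linking source to target, or None."""
    if source not in graph or target not in graph:
        return None
    queue, seen = deque([[source]]), {source}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in sorted(graph[path[-1]]):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def effective_trusts(graph, domain):
    """Every other domain that `domain` trusts once transitivity is applied."""
    return {d for d in graph if d != domain and trust_path(graph, domain, d)}

def implied_trusts(direct_trusts):
    """Domain pairs that trust each other only through transitivity."""
    graph = build_graph(direct_trusts)
    direct = {frozenset(pair) for pair in direct_trusts}
    domains = sorted(graph)
    return [(a, b) for i, a in enumerate(domains) for b in domains[i + 1:]
            if frozenset((a, b)) not in direct and trust_path(graph, a, b)]

if __name__ == "__main__":
    for a, b in implied_trusts(DIRECT_TRUSTS):
        print(a, "<->", b, "via", trust_path(build_graph(DIRECT_TRUSTS), a, b))
```

Three direct trusts yield three further implied ones here, which is why a trust review should look at the whole forest and not only at the trusts configured on a single domain.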
Active Directory is a useful service for network administrators, as it lets them manage the network efficiently and easily. It helps administrators assign and enforce security policies for all computers and users using Group Policy Objects. It also helps in installing or updating software on multiple computers in the domain in one go. It offers efficient administrative tools to perform server administration tasks smoothly.