Jul 27
What is Active Directory? Simple and Easy explanation

So what is Active Directory? Any professional working in the IT sector will have come across this term more than once, and it is good to have a basic knowledge of what Active Directory is all about. It is a Microsoft product and was developed in 1996. Its popularity has grown because it is easy to use, even for a large organisation.

Basically, it is a database that stores people’s information in a central repository. By central repository we mean that it is not local to any one system. It is mainly used for authenticating a person’s identity. Consider a person who has just joined a company. How would anyone know his identity? There has to be some way to validate it. In simple terms, IT administrators use Active Directory to maintain information about people, and they use that information to validate a person’s identity.

There are a few concepts that need to be understood in AD, starting with the AAA protocol:

Authentication: As mentioned earlier, it is about validating a customer’s identity.

Authorization: It is the process of checking whether the user has the right access to use a resource.

Accounting: It is the process of documenting that the user has accessed the resource.

AD takes care of all of the above-mentioned processes with the help of a domain controller, which is nothing but a server that manages the AD and handles the AAA protocols.

Structure of an Active Directory:

Usually, the structure is divided into three components, which include hardware, web email servers and objects that are required for the network. The terms most often used in AD are Forests, Trees and Domains.

Everybody will be aware of what a domain is: it is a collection of resources. Explained in simple terms, a Forest is a collection of domains. Let us use an example to explain this further. You own a company called “XXX” and there are different branches under it such as “Sales”, “HR”, “IT”, “Accounts” etc. In this example, XXX becomes the Forest and the departments under it become the domains. If there is a further partition among the departments, then the lowest sector becomes the domain and the intermediate section between Forest and domain is known as a Tree. How a domain is defined is purely up to the organisation. It can be done department-wise or region-wise, based on the size of the company.

The hierarchy can be explained in terms of Forests and Domains. The IT administrator has access to all the departments and domains that form part of a forest, whereas a person who has access to a particular domain cannot access the upper hierarchy of the Forest and Trees. This helps in sharing information as needed and avoids unnecessary data sharing.
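
To see the Forest, Tree and Domain hierarchy described above in a real environment, here is an added example (not part of the original post) that lists it read-only. It assumes the RSAT ActiveDirectory PowerShell module is installed and that it is run from a domain-joined session with normal read access; the helper name Show-Domain is made up for this example.

```powershell
# Added example: read-only inventory of the Forest > Tree > Domain hierarchy.
# Assumption: RSAT ActiveDirectory module, run from a domain-joined session.
Import-Module ActiveDirectory

$forest = Get-ADForest
Write-Output "Forest: $($forest.Name) (root domain: $($forest.RootDomain))"

# Ask each domain in the forest where it sits in the hierarchy.
$domains = foreach ($name in $forest.Domains) {
    try {
        $d = Get-ADDomain -Identity $name -Server $name -ErrorAction Stop
        [pscustomobject]@{
            Domain   = $d.DNSRoot
            Parent   = $d.ParentDomain       # empty for the root of a tree
            Children = @($d.ChildDomains)
            PDC      = $d.PDCEmulator        # one of the domain controllers
        }
    } catch {
        # An unreachable domain is reported and skipped, not fatal.
        Write-Warning "Could not query ${name}: $($_.Exception.Message)"
    }
}

# Hypothetical helper: print a domain, then its child domains, indented.
function Show-Domain {
    param($Node, [int]$Depth = 2)
    $indent = '  ' * $Depth
    Write-Output "$indent$($Node.Domain)  [DC: $($Node.PDC)]"
    foreach ($child in $Node.Children) {
        $next = $domains | Where-Object { $_.Domain -eq $child }
        if ($next) { Show-Domain -Node $next -Depth ($Depth + 1) }
    }
}

# A domain with no parent domain is the root of a tree.
$roots = $domains | Where-Object { -not $_.Parent }
foreach ($root in $roots) {
    Write-Output "  Tree: $($root.Domain)"
    Show-Domain -Node $root
}
```

The output is an indented outline: the forest on the first line, one "Tree" line per tree root, and each domain beneath its parent with the name of a domain controller that serves it.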


