Active Directory (AD) is a product of Microsoft that consists of many services that run on Windows Server to manage permissions and access to networked resources.
Active Directory stores information as objects. An object is a single element, such as a user, group, application or device, like a printer. Objects are commonly defined as either resources, like printers or computers, or security principals, such as users or groups.
As a directory service, an Active Directory instance consists of a database and the corresponding executable code responsible for servicing requests and maintaining the database. The executable part, called the Directory System Agent, is a collection of Windows services and processes that run on Windows 2000 and later. Objects in Active Directory databases can be accessed via the LDAP protocol, ADSI (a component object model interface), the messaging API and Security Accounts Manager services.
An Active Directory structure is an arrangement of information about objects. The objects fall into two broad categories: resources (e.g., printers) and security principals (user or computer accounts and groups). Security principals are assigned unique security identifiers (SIDs).
Each object represents a single entity (whether a user, a computer, a printer, or a group) and its attributes. Certain objects can contain other objects. An object is uniquely identified by its name and has a set of attributes (the characteristics and information that the object represents) defined by a schema, which also determines the kinds of objects that can be stored in Active Directory.
The schema object lets administrators extend or modify the schema when necessary. However, because each schema object is integral to the definition of Active Directory objects, deactivating or changing these objects can fundamentally change or disrupt a deployment. Schema changes automatically propagate throughout the system. Once created, an object can only be deactivated, not deleted. Changing the schema usually requires planning. Sites are implemented as a set of connected subnets.
Forests, trees, and domains
The Active Directory framework that holds the objects can be viewed at a number of levels. The forest, tree, and domain are the logical divisions in an Active Directory network.
Within a deployment, objects are grouped into domains. The objects for a single domain are stored in a single database (which can be replicated). Domains are identified by their DNS name structure, the namespace. A domain is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database.
At the top of the structure is the forest. A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible.
Organizational Units are an abstraction for the administrator and do not function as containers; the underlying domain is the true container. It is not possible, for example, to create user accounts with an identical username (sAMAccountName) in separate OUs, such as "fred.staff-ou.domain" and "fred.student-ou.domain", where "staff-ou" and "student-ou" are the OUs. This is because sAMAccountName, a user object attribute, must be unique within the domain. However, two users in different OUs can have the same Common Name (CN), the name under which they are stored in the directory itself.
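The two uniqueness scopes described above can be checked on a planned batch of accounts before it is imported. The following Python sketch is an added example, not code from the original page or from Microsoft; the sample entries, the example.com domains and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample export of (distinguished name, sAMAccountName) pairs.
SAMPLE = [
    ("CN=Fred,OU=staff-ou,DC=example,DC=com", "fred"),
    ("CN=Fred,OU=student-ou,DC=example,DC=com", "fred.s"),   # same CN, other OU: allowed
    ("CN=Smith\\, Ann,OU=staff-ou,DC=example,DC=com", "asmith"),
    ("CN=Ann,OU=student-ou,DC=example,DC=com", "ASmith"),    # clashes with asmith
    ("CN=Fred,OU=staff-ou,DC=lab,DC=example,DC=com", "fred"),  # other domain: allowed
]

def split_dn(dn):
    """Split a DN into RDNs, honouring backslash-escaped commas."""
    parts, cur, esc = [], "", False
    for ch in dn:
        if esc:
            cur, esc = cur + ch, False
        elif ch == "\\":
            cur, esc = cur + ch, True
        elif ch == ",":
            parts.append(cur.strip())
            cur = ""
        else:
            cur += ch
    parts.append(cur.strip())
    return parts

def locate(dn):
    """Return (domain DNS name, parent container DN, RDN), lower-cased."""
    rdns = split_dn(dn)
    domain = ".".join(r[3:] for r in rdns if r.upper().startswith("DC="))
    return domain.lower(), ",".join(rdns[1:]).lower(), rdns[0].lower()

def find_conflicts(entries):
    """Group entries by the scope in which each name must be unique."""
    by_sam, by_rdn = defaultdict(list), defaultdict(list)
    for dn, sam in entries:
        domain, parent, rdn = locate(dn)
        by_sam[(domain, sam.lower())].append(dn)   # unique per domain
        by_rdn[(parent, rdn)].append(dn)           # unique per parent container
    sam_dupes = {k: v for k, v in by_sam.items() if len(v) > 1}
    rdn_dupes = {k: v for k, v in by_rdn.items() if len(v) > 1}
    return sam_dupes, rdn_dupes

if __name__ == "__main__":
    sam_dupes, rdn_dupes = find_conflicts(SAMPLE)
    print("sAMAccountName conflicts:", sam_dupes)
    print("CN conflicts within one container:", rdn_dupes)
```

Names are compared case-insensitively, so "asmith" and "ASmith" are reported as one conflict even though they sit in different OUs.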