Active Directory (AD) was introduced by Microsoft with Windows Server 2000 to perform directory services on Windows server domains. In simple terms, it is more like a telephone directory, or in modern times, like a Contacts app on your phone. And like the Contacts app help us find contacts and their details, the same way an AD helps us find objects and their related values, where the contact is the object and a phone number or email id of the contact is the value of the object. It is used to centrally manage the users, data, and devices in a network. It stores objects in a hierarchical structure for quick access by the users/administrators. AD is a repository of all the user and computer configurations in a domain and hence makes the management of resources easy. By using this, the users on the domain can locate the files and folders stored in the repository without knowing the actual location of them.
AD has become interchangeable with identity and access management services. It is the best and easiest way to control who can access, and what can be accessed over the domain. With the use of an Active Directory, managing trusts has become easy. As all the domains within a forest trust each other, the only time when we have to worry about managing trust is when the domains are in different forests. Due to the central storage capability offered by the Active Directory, we can ensure easy backups. And if any of the network computers crash, we can still have access to all the data from the central location. With the single sign-on (SSO) option of an AD, the users can login once and access the entire domain, it saves them from the hassle of re-entering their credentials at every stage. The use of AD also offers better security. As a network administrator can control and track all the activity on the domain, they can assess the situation in a better way and can install various security features wherever necessary. The administrators can also grant, or deny, certain rights and privileges to the users. Active Directory also improves the scalability of a network with the use of organisational units (OU). OU’s can help break down a domain into smaller manageable blocks. The concept of sites has eased the process of replication on a domain. For the parts of the network which are connected by a slow link, we can configure the ends as different sites and make the servers as bridgehead server to simplify the replication.
An Active Directory has become an indispensable part of networks and domains. It has streamlined and simplified the management of a domain, and also made the domain more secure.
To learn Microsoft Certification