Active Directory

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of processes and services.[1][2] Originally, only centralized domain management used Active Directory. However, it ultimately became an umbrella title for various directory-based identity-related services.[3]

A domain controller is a server running the Active Directory Domain Services (AD DS) role. It authenticates and authorizes all users and computers in a Windows domain-type network, assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer which is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or a non-admin user.[4] Furthermore, it allows the management and storage of information, provides authentication and authorization mechanisms, and establishes a framework to deploy other related services: Certificate Services, Active Directory Federation Services, Lightweight Directory Services, and Rights Management Services.[5]

Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft's version of Kerberos,[6] and DNS.[7]

Robert R. King defined it in the following way:[8]

"A domain represents a database. That database holds records about network services-things like computers, users, groups and other things that use, support, or exist on a network. The domain database is, in effect, Active Directory."

  1. ^ Cite error: The named reference DSA-MSDN was invoked but never defined (see the help page).
  2. ^ Cite error: The named reference WI4 was invoked but never defined (see the help page).
  3. ^ Hynes, Byron (November 2006). "The Future of Windows: Directory Services in Windows Server "Longhorn"". TechNet Magazine. Microsoft. Archived from the original on 30 April 2020. Retrieved 30 April 2020.
  4. ^ "Active Directory on a Windows Server 2003 Network". Active Directory Collection. Microsoft. 13 March 2003. Archived from the original on 30 April 2020. Retrieved 25 December 2010.
  5. ^ Rackspace Support (27 April 2016). "Install Active Directory Domain Services on Windows Server 2008 R2 Enterprise 64-bit". Rackspace. Rackspace US, Inc. Archived from the original on 30 April 2020. Retrieved 22 September 2016.
  6. ^ "Microsoft Kerberos - Win32 apps". docs.microsoft.com. 7 January 2021.
  7. ^ "Domain Name System (DNS)". docs.microsoft.com. 10 January 2022.
  8. ^ King, Robert (2003). Mastering Active directory for Windows server 2003 (3rd ed.). Alameda, Calif.: Sybex. p. 159. ISBN 978-0-7821-5201-2. OCLC 62876800.