Overview
Introduction to Active Directory
Active Directory (AD) is a directory service developed by Microsoft that provides a central location for network management and security. It is used to store, organize, and manage information about network resources, such as users, computers, devices, and services, in a domain network.
What Is Active Directory?
Active Directory Objects
Objects Represent Network Resources
Attributes Store Information About an Object
Active Directory Schema
Lightweight Directory Access Protocol (LDAP)
LDAP Provides a Way to Communicate with Active Directory by Specifying Unique Naming Paths for Each Object in the Directory
LDAP Naming Paths Include:
Distinguished names
Relative distinguished names
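
The naming paths listed above, as an added example that is not part of the original outline: Python code that splits a distinguished name into its relative distinguished names, honouring backslash escapes, and derives the parent DN, DNS domain and OU path. The sample DN and all function names are constructed for illustration, and multi-valued RDNs joined with `+` are assumed not to occur.

```python
# Added example (not from the original outline); sample DNs are constructed.
HEX = "0123456789abcdefABCDEF"

def split_unescaped(text, sep=","):
    """Split on sep, ignoring separators escaped with a backslash."""
    parts, cur, i = [], "", 0
    while i < len(text):
        step = 2 if text[i] == "\\" and i + 1 < len(text) else 1
        if step == 1 and text[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += text[i:i + step]      # escape pairs are kept intact
        i += step
    return parts + [cur]

def unescape(value):
    """Resolve RFC 4514 escapes: backslash + hex pair, or backslash + char."""
    out, i = bytearray(), 0
    while i < len(value):
        pair = value[i + 1:i + 3]
        if value[i] == "\\" and len(pair) == 2 and all(c in HEX for c in pair):
            out.append(int(pair, 16))    # hex-encoded byte such as \2C
            i += 3
        else:
            skip = 1 if value[i] == "\\" and i + 1 < len(value) else 0
            out += value[i + skip].encode("utf-8")
            i += 1 + skip
    return out.decode("utf-8")

def parse_dn(dn):
    """Return [(attribute_type, value), ...] with the leaf RDN first."""
    rdns = []
    for raw in split_unescaped(dn):
        attr, eq, value = raw.lstrip().partition("=")
        if not eq or not attr.strip():
            raise ValueError(f"malformed RDN: {raw!r}")
        rdns.append((attr.strip().upper(), unescape(value)))
    return rdns

def describe(dn):
    """Summarise a DN: own RDN, parent DN, DNS domain, OU path (top first)."""
    rdns = parse_dn(dn)
    parent = ",".join(p.lstrip() for p in split_unescaped(dn)[1:])
    return {"rdn": rdns[0], "parent": parent,
            "domain": ".".join(v for t, v in rdns if t == "DC"),
            "ou_path": [v for t, v in reversed(rdns) if t == "OU"]}

SAMPLE = r"CN=Smith\, Jane,OU=Sales,OU=Staff,DC=corp,DC=example,DC=com"
print(describe(SAMPLE))
```

A plain `SAMPLE.split(",")` yields seven pieces instead of six RDNs because of the escaped comma in the CN value, which is why scripts that decide an object's OU from its DN should parse escapes rather than split on commas.
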
Active Directory Logical Structure
Domains
A Domain Is a Security Boundary
A domain administrator can administer only within the domain, unless explicitly granted administration rights in other domains
A Domain Is a Unit of Replication
Domain controllers in a domain participate in replication and contain a complete copy of the directory information for their domain
Organizational Units
Use OUs to Group Objects into a Logical Hierarchy That Best Suits the Needs of Your Organization
Delegate Administrative Control over the Objects Within an OU by Assigning Specific Permissions to Users and Groups
Trees and Forests
Global Catalog
Active Directory Physical Structure
Domain Controllers
Participate in Active Directory replication
Perform single master operations roles in a domain
Sites
Optimize replication traffic
Enable users to log on to a domain controller by using a reliable, high-speed connection
Methods for Administering a Windows Server Network
Using Active Directory for Centralized Management
Enables a single administrator to centrally manage resources
Allows administrators to easily locate information
Allows administrators to group objects into OUs
Uses Group Policy to specify policy-based settings
Managing the User Environment
Control and lock down what users can do
Centrally manage software installation, repairs, updates, and removal
Configure user data to follow users whether they are online or offline
Delegating Administrative Control
Assign Permissions:
For specific OUs to other administrators
To modify specific attributes of an object in a single OU
To perform the same task in all OUs
Customize Administrative Tools to:
Map to delegated administrative tasks
Simplify interface design