Active Directory

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of processes and services.^[1]^[2] Originally, only centralized domain management used Active Directory. However, it ultimately became an umbrella title for various directory-based identity-related services.^[3]

A domain controller is a server running the Active Directory Domain Services (AD DS) role. It authenticates and authorizes all users and computers in a Windows domain-type network, assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer which is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or a non-admin user.^[4] Furthermore, it allows the management and storage of information, provides authentication and authorization mechanisms, and establishes a framework to deploy other related services: Certificate Services, Active Directory Federation Services, Lightweight Directory Services, and Rights Management Services.^[5]

Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft's version of Kerberos,^[6] and DNS.^[7]

Robert R. King defined it in the following way:^[8]

"A domain represents a database. That database holds records about network services-things like computers, users, groups and other things that use, support, or exist on a network. The domain database is, in effect, Active Directory."

^ Cite error: The named reference DSA-MSDN was invoked but never defined (see the help page).
^ Cite error: The named reference WI4 was invoked but never defined (see the help page).
^ Hynes, Byron (November 2006). "The Future of Windows: Directory Services in Windows Server "Longhorn"". TechNet Magazine. Microsoft. Archived from the original on 30 April 2020. Retrieved 30 April 2020.
^ "Active Directory on a Windows Server 2003 Network". Active Directory Collection. Microsoft. 13 March 2003. Archived from the original on 30 April 2020. Retrieved 25 December 2010.
^ Rackspace Support (27 April 2016). "Install Active Directory Domain Services on Windows Server 2008 R2 Enterprise 64-bit". Rackspace. Rackspace US, Inc. Archived from the original on 30 April 2020. Retrieved 22 September 2016.
^ "Microsoft Kerberos - Win32 apps". docs.microsoft.com. 7 January 2021.
^ "Domain Name System (DNS)". docs.microsoft.com. 10 January 2022.
^ King, Robert (2003). Mastering Active directory for Windows server 2003 (3rd ed.). Alameda, Calif.: Sybex. p. 159. ISBN 978-0-7821-5201-2. OCLC 62876800.

[DSA-MSDN-1] Cite error: The named reference DSA-MSDN was invoked but never defined (see the help page).

[WI4-2] Cite error: The named reference WI4 was invoked but never defined (see the help page).

[:1-3] Hynes, Byron (November 2006). "The Future of Windows: Directory Services in Windows Server "Longhorn"". TechNet Magazine. Microsoft. Archived from the original on 30 April 2020. Retrieved 30 April 2020.

[adw2k3-4] "Active Directory on a Windows Server 2003 Network". Active Directory Collection. Microsoft. 13 March 2003. Archived from the original on 30 April 2020. Retrieved 25 December 2010.

[5] Rackspace Support (27 April 2016). "Install Active Directory Domain Services on Windows Server 2008 R2 Enterprise 64-bit". Rackspace. Rackspace US, Inc. Archived from the original on 30 April 2020. Retrieved 22 September 2016.

[6] "Microsoft Kerberos - Win32 apps". docs.microsoft.com. 7 January 2021.

[7] "Domain Name System (DNS)". docs.microsoft.com. 10 January 2022.

[8] King, Robert (2003). Mastering Active directory for Windows server 2003 (3rd ed.). Alameda, Calif.: Sybex. p. 159. ISBN 978-0-7821-5201-2. OCLC 62876800.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]