04/16/2024 | News release | Distributed by Public on 04/16/2024 08:22
Active Directory (AD) is the cornerstone of any on-premises or hybrid Microsoft environment. It stores information about users, computers and other objects, and provides vital services that enable employees to be productive and business processes to run. This article covers the Active Directory basics you need to know.
Active Directory is a directory service for Windows network environments. The directory serves as a central database for information about users, computers, groups and other objects in the environment. The core services that AD provides are authentication and authorization:
An Active Directory environment is structured in a hierarchy: forest, tree and domain. The primary units are forests and domains; trees are the logical structure of domains and child domains under them.
A forest is a set of one or more domains. Many organizations have a single forest, but organizations with multiple divisions, service providers, and companies in the process of a merger or acquisition often have multiple forests.
A forest is a security boundary - objects in different forests cannot interact with each other unless the administrators of the forests create a trust between them. A trust is a method of linking two forests to enable a seamless authentication and authorization experience for users.
Trusts can be one-way (users in domain A can access resources in?domain B, but not vice-versa), or two-way (users in either domain can access resources in the other forest). A trust can also be transitive or non-transitive, which determines whether it can be extended outside of the two domains with which it was formed.
A domain is a collection of AD objects, such as users, computers, groups and Organizational Units, that are stored in a shared database. An Active Directory domain is a management boundary, which means the objects in it can be managed together.
An AD domain can be further organized into organizational units. Administrators often use OUs to group users, computers and users into units that mirror the organization's structure to easily apply relevant policies to each group. For example, you might have an OU for each department that contains the associated user and computer objects.
The logical structure of Active Directory is what we've just described, with components such as forests, trees, domains and OUs.
The physical components of Active Directory include:
Some other Active Directory fundamentals include the following:
To learn about Active Directory step by step, you can use this ordered list of posts on AD basics:
What is Active Directory?
Microsoft Active Directory is a directory service that runs on Windows servers called domain controllers (DCs). It stores information about users, computers and other objects in a database, including properties like names and passwords, and provides authentication and authorization services.?
What is Active Directory Domain Services??
Active Directory Domain Services (AD DS) is one of the directory services provided by Active Directory. Its primary functions are providing authentication and authorization to manage access to network resources.
What are LDAP and DNS?
Lightweight Directory Access Protocol (LDAP) provides a common language that servers and clients can use to communicate.?
Domain Name System (DNS) translates a human-readable domain name like www.netwrix.com into an IP address to load the correct webpage.
Where can I get started learning about Active Directory?
There are a variety of free resources that can help you understand the fundamentals of Active Directory. Here are some of our favorites:
Is there a certification for Active Directory?
There are no notable certifications specific to Active Directory. However, Microsoft offers a variety of credentials and certifications that you can explore.?
What sources - blogs, forums and other types of content - do you use to learn about Active Directory? We want to know! Please let us know in the comments on this post.