Active Directory (AD) is the native directory service for Microsoft Windows, and it plays a crucial role in managing Windows-based networks. Active Directory was first introduced with Windows 2000 Server and has evolved over the years to become a powerful and integral part of Windows network administration. Here are some key points to understand about Active Directory:
Role of Active Directory:
- Active Directory serves as a centralized directory service for Windows-based networks. It provides a hierarchical structure for organizing and managing network resources, including user accounts, computers, printers, and more.
- AD is not limited to Windows environments only. It can interoperate with Linux, macOS, and other non-Windows hosts using the LDAP protocol, making it a versatile solution for network management.
- In addition to directory services and centralized authentication, Active Directory also manages Group Policy Objects (GPOs), which are used to configure and control the behavior of Windows machines within the network.
Active Directory Administrative Center (ADAC):
- ADAC is a tool used for administering Active Directory. It provides a user-friendly interface for performing various administrative tasks related to AD.
- It is one of the primary tools used for everyday tasks in Active Directory management.
Hierarchy in Active Directory:
- Active Directory follows a hierarchical structure. Everything in AD is considered an object, and some objects can act as containers for other objects.
- The main hierarchical components in AD include domains, organizational units (OUs), and containers. OUs can contain other OUs, but ordinary containers cannot contain other containers.
Forest and Domain:
- In the AD hierarchy, a forest is the highest level.
- It can contain one or more domains.
- A domain is identified by a short name (e.g., example) and a DNS name (e.g., example.com).
- Objects within a domain have DNS names that belong to the domain's DNS zone.
Common Containers in Active Directory:
- Computers:
- This container is where new AD computer accounts are created when computers are joined to the AD domain.