Scribd
Upload
182 views

Addis Ababa University Faculty of Informatics Department of Computer Science

This document provides an overview of Active Directory, a directory service used in Windows networks. It describes Active Directory as a centralized database that stores information about users, computers, and other network resources. This allows administrators to manage access to resources across the network from a single location. The summary discusses key Active Directory benefits like security, administration policies, scalability and integration with DNS. It also covers Active Directory domains, forests and how user accounts are associated with specific domains through their principal name suffixes.

Uploaded by

minichel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
182 views

Addis Ababa University Faculty of Informatics Department of Computer Science

This document provides an overview of Active Directory, a directory service used in Windows networks. It describes Active Directory as a centralized database that stores information about users, computers, and other network resources. This allows administrators to manage access to resources across the network from a single location. The summary discusses key Active Directory benefits like security, administration policies, scalability and integration with DNS. It also covers Active Directory domains, forests and how user accounts are associated with specific domains through their principal name suffixes.

Uploaded by

minichel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 9

Addis Ababa University

Faculty of Informatics
Department of Computer Science

Active Directory

Directory Service

Directory Service - is a software application that stores and organizes


information about a computer network's users and network resources,
and that allows network administrators to manage users' access to the
resources.
LDAP (Lightweight Directory Access Protocol) is the directory

service for Unix.


Active Directory (AD) is the directory service for Windows 2000

Server. It stores information about objects on the network and makes


this information easy for administrators and users to find and use.

With a single network logon, administrators can manage directory data


and organization throughout their network, and authorized network users
can access resources anywhere on the network.

Server-client architecture

Benefits of Active Directory

Active Directory provides:


Information security

Policy-based administration
Extensibility
Scalability
Replication of information
Integration with DNS
Flexible querying

Active Directory was released first with Windows 2000 Server edition,
and revised to extend functionality and improve administration in
Windows Server 2003.

Domains

A domain is just a group of servers and workstations that agree to


centralize user and machine accounts and passwords in a shared database.

A security boundary

Domains do several things for us.


Keep a central list of users and passwords.
Provide a set of servers to act as authentication servers or logon
servers known as domain controllers
Maintain a searchable index of the things in the domain, making it
easier for people to find resources
Let you create users with different levels of powers
Allow you to subdivide your domains into subdomains called
organization units or OUs.

A forest can contain one or more domain


trees.

You create a domain by installing the first domain controller


(AD server) for a domain.

Domains that form a single domain tree share a contiguous


namespace (naming hierarchy).

For example, a domain with a NetBIOS name of "grandchild"


that has a parent domain named parent.microsoft.com, would
have a fully qualified DNS domain name of
grandchild.parent.microsoft.com.

In Active Directory, each user account has a user logon name, and a
user principal name suffix.

The user principal name is composed of the user logon name and the
user principal name suffix joined by the @ sign. the user principal
name suffix, identifies the domain in which the user account is located.

The logon name for a user named abebe in microsoft.com domain


would be

[email protected].

You might also like