Windows Server 2016Windows Server 2019

What Is Active Directory

Best Understanding Of Active Directory in 8 Steps

What is Active Directory & How It Works

You might have heard people talking about what is Active Directory. which is Microsoft software that organizes and gives access to information in the operating system directory.

This software manages computers and other devices over a network.

Therefore, In simple words, we can say that it connects all the individual machines on a network.

However, it allows an administrator to control every computer along with sharing information between machines easily.  

what is active directory and how it works

What is (AD DS)?

Active Directory (AD) is actually a directory service developed by Microsoft for Windows domain networks.

Large organizations depend on AD DS to manage users, computers, permissions, and file servers.

They use it primarily to perform authentication and authorization.

AD DS also helps organizations to have a central administration over all the activities carried out over a windows network.

Moreover, AD also allows network administrators to create and manage domains, objects, and users within a network.

Let’s understand it with an example:

An administrator can create a group of users and can give specific access rights and privileges to certain directories over a network.

As this network grows, AD provides a way to manage a large number of users into groups and subgroups while providing them access at a certain level as required.

Active Directory Users And Computers 

Active Directory Structure Components

Active Directory structure involves some main tiers which include:

  • Domain
  • Forest
  • Organizational unit
  • Tree
  • Global catalogs


Why is Active Directory Important?

Active directory is important for any business or company as it helps them to organize the company’s computers, users, and moreover a network.

The IT administrator within an organization uses an active directory to organize a complete organizational hierarchy.

Where users will have access to storage,  what will be their profile picture to which computers belong to which particular network and more?

An Active Directory stores information about objects on a network and makes this information easy to use for administrators as well as users.

The Active Directory domain service is included with the Windows server and is actually designed to manage the client system.

AD is also supported by the systems running on regular versions of windows.  


Understanding Active Directory Hierarchy Structure

Active directory considered to have both physical and logical structures.

The activity directory forms a tree-like structure with one root domain following its child domains.

Let’s understand each element of this along with their importance.  


What is an Active Directory Forest?

If you are the IT admin of any organization, then you are the one responsible for managing the critical assets of your organization and active directory will be your important tool.

Within the active directory hierarchy, the forest is the most important part containing all other users, domains, group policies, computers, and other network objects.

Forest is the largest unit in AD and is a collection of trees sharing a common schema.

The trees under forest have a unique name and the domains within the trees share the same namespace as the tree.

AD forest represents a logical security boundary and trees under this automatically trust each other.

The domains within the forest further share a common global catalog which is just as same as it sounds.

However, It is actually a catalog of the information for all the objects like users, computers, and more within the forest.

There are three different types of forest design models which one may use as per his business requirements. These models are:

  • Organizational forest model
  • Restricted access forest model
  • Resource forest model


What is an AD domain?

The domain in AD is the collection of different objects where the objects could be a single user, group or it can be any hardware component such as printer or computer.

The domain in active directory sits directory below the forest.

The active directory domain is the part of the AD hierarchy and is the central location for all the administrative work and security policies.

Each domain is assigned a separate database account where the administrator manages all the objects under that domain.

The group of users and computers share the characteristics of administration and centralized security.

The domain has a boundary for security.  The administrator of any domain is the administrator for that domain and no others.

The domains in the same forest have trust relationships.

The AD domains may have their own child domains that are set up to avoid issues when a domain is down.

The domain is all responsible for the working of AD.

Furthermore, the AD domains are controlled by a domain controller that acts as domain authority.

Therefore, It is responsible for all the AD object permissions, modifications, authentications, and more.  


What is the Active Directory Organizational Unit (OU)?

An organizational unit is a container object that organizes objects in active directory for the purpose of group policy application or the administration.

Therefore, It exists within the domain and can contain objects from that particular domain.

This is a subdivision within an AD where one can place users, computers, groups, and the other organizational units.

Each domain can implement its own OU hierarchy.

These are created to mirror the organization’s functional and business structure.

Moreover, OU’s allow one to delegate admin tasks to users or groups without making them administrators of the AD.

If you need a particle demo about what is Active Directory and how to configure it.

Please watch the video below to understand what is AD DS

AD Tutorial For understanding. For More Tutorial Visit Techi Jack Youtube Channel

Techi Jack

Techi Jack is an alternate internet name for Vikas Jakhmola, an IT professional with more than 12 years' experience. Currently, he is working as a freelancer. His experience includes setting up networks and servers for multiple organizations. He has been working with the server since 2003. TechiJack, or Vikas Jakhmola, shares his expertise and knowledge on his blog and in training courses.
Back to top button