Active Directory (AD)
Definition - What does Active Directory (AD) mean?
Active Directory (AD) is a Windows OS directory service that facilitates working with interconnected, complex and different network resources in a unified manner.
Active Directory was initially released with Windows 2000 Server and revised with additional features in Windows Server 2008. Active Directory provides a common interface for organizing and maintaining information related to resources connected to a variety of network directories. The directories may be systems-based (like Windows OS), application-specific or network resources, like printers. Active Directory serves as a single data store for quick data access to all users and controls access for users based on the directory's security policy.
Techopedia explains Active Directory (AD)
Active Directory provides the following network services:
- Lightweight Directory Access Protocol (LDAP) – An open standard used to access other directory services
- Security service using the principles of Secure Sockets Layer (SSL) and Kerberos-based authentication
- Hierarchical and internal storage of organizational data in a centralized location for faster access and better network administration
- Data availability in multiple servers with concurrent updates to provide better scalability
Active Directory is internally structured with a hierarchical framework. Each node in the tree-like structure is referred to as an object and associated with a network resource, such as a user or service. Like the database topic schema concept, the Active Directory schema is used to specify attribute and type for a defined Active Directory object, which facilitates searching for connected network resources based on assigned attributes. For example, if a user needs to use a printer with color printing capability, the object attribute may be set with a suitable keyword, so that it is easier to search the entire network and identify the object's location based on that keyword.
A domain consists of objects stored in a specific security boundary and interconnected in a tree-like structure. A single domain may have multiple servers – each of which is capable of storing multiple objects. In this case, organizational data is stored in multiple locations, so a domain may have multiple sites for a single domain. Each site may have multiple domain controllers for backup and scalability reasons. Multiple domains may be connected to form a Domain Tree, which shares a common schema, configuration and global catalog (used for searching across domains). A Forest is formed by a set of multiple and trusted domain trees and forms the uppermost layer of the Active Directory.
Novell's directory service, an Active Directory alternative, contains all server data within the directory itself, unlike Active Directory.