What Is Active Directory

Active Directory is a network and directory management system designed by Microsoft that allows a variety of directory management options and security features to be implemented in a single package. It was released with the server edition of Windows 2000, and it was upgraded with Windows Server 2003. It supports Lightweight Directory Access Protocol (LDAP), Kerberos-based authentication, and Domain Name System (DNS) conventions and practices.
Essentially, Active Directory organizes components, systems, servers, sites, individual computers and so on into a hierarchy of items of basically equal information status called objects. Within this scheme, the system sees two main categories of objects: Security Principals and Resources. Security Principals include user and computer accounts or groups of accounts with their files and databases. Resources are generally physical hardware such as fax machines, scanners, and printers.
A large part of the function of Active Directory is to safeguard the security of networks and allow them to be safely accessed on the internet. Thus, security identifiers are given to the Security Principal objects, and these are used by the system to determine levels of access and security control.
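As an added example (not part of the original article), the Python code below decodes a security identifier from the binary form in which it is stored on a security principal (the objectSid attribute) and flags group memberships whose relative ID belongs to a privileged domain group. The SID values and the helper names are constructed for illustration.

```python
import struct

# Well-known relative IDs (last SID component) of privileged domain principals.
PRIVILEGED_RIDS = {500: "Administrator", 512: "Domain Admins",
                   518: "Schema Admins", 519: "Enterprise Admins"}

def build_sid(*subs, authority=5):
    """Hypothetical helper: pack a binary SID for the constructed samples below."""
    header = bytes([1, len(subs)]) + authority.to_bytes(6, "big")
    return header + struct.pack(f"<{len(subs)}I", *subs)

def sid_to_string(raw):
    """Decode a binary SID into its S-1-5-21-... string form."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if revision != 1 or len(raw) != 8 + 4 * count:
        raise ValueError("malformed SID")
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    subs = struct.unpack(f"<{count}I", raw[8:])      # 32-bit each, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def split_domain_rid(sid):
    """Return (domain SID, RID) for a domain principal, None for any other SID."""
    parts = sid.split("-")
    if len(parts) != 8 or parts[:4] != ["S", "1", "5", "21"]:
        return None
    return "-".join(parts[:-1]), int(parts[-1])

def privileged_members(raw_sids):
    """List (SID, name) for every SID whose RID is a well-known privileged one."""
    hits = []
    for raw in raw_sids:
        sid = sid_to_string(raw)
        split = split_domain_rid(sid)
        if split and split[1] in PRIVILEGED_RIDS:
            hits.append((sid, PRIVILEGED_RIDS[split[1]]))
    return hits

# Constructed sample: group SIDs of one account (domain part 1000-2000-3000 is made up).
SAMPLE_GROUPS = [build_sid(21, 1000, 2000, 3000, 513),   # Domain Users
                 build_sid(21, 1000, 2000, 3000, 512),   # Domain Admins
                 build_sid(32, 544)]                     # built-in alias, not a domain SID

if __name__ == "__main__":
    for sid, name in privileged_members(SAMPLE_GROUPS):
        print(f"privileged membership: {sid} ({name})")
```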
To get a bit more in depth, each object has a set of attributes that define the types of information it may include as seen by the system. These attributes are in turn based on schema, which are basic information conventions used by Active Directory itself. Thus, if schema objects are altered, the changes made work their way through the entire system’s organizational structure. For this reason, changes in schema objects are not often made, whereas attributes may be changed fairly easily.
Active Directory reduces data redundancy by having a central access and administration point – a single server or group of servers – for all the organizational and administrative tasks of the network. A network may be as small as a few computers in a single office or as large as thousands of computers distributed in a series of different countries.
One of the most basic types of objects within Active Directory is called a domain. A domain is a directory database that includes information particular to that database or domain. Extending upward and outward from the domain in the data structure of Active Directory, one encounters trees, which may either be domains or groups of domains, and forests, which are collections of trees. Forests are the largest grouping possible in the system and thus have various attributes from a security standpoint. Information from beyond the forest is subject to basic security restrictions and protocols.
Within domains, organization is mostly accomplished by what are called Organizational Units (OUs). OUs define organization, although they do not actually contain information, except in the sense that they may contain other OUs. The entire OU structure is basically a simulated one superimposed on top of a standard flat-file type of storage system for domain objects. OUs give the appearance of being organizers but in fact merely correlate the actual objects in terms of various organizational considerations.
As well as domains and OUs, Active Directory also recognizes sites, which are considered literal physical locations where data transfer is taking place, at specific locations characterized by specific hardware types, connection speeds and so on. These do not necessarily directly correlate with groups of domains, trees, and so on, though they may. They are basic forest divisions based on various physical features that characterize them.
Active Directory's use of Lightweight Directory Access Protocol allows for easy integration of Active Directory networks and directories with each other and other types of networks on the web. LDAP is the industry-standard directory access protocol and allows for directory and database interaction that is easy and efficient.
Active Directory is a useful and easy-to-implement system and is one of the better organized and implemented network management systems out there. System administrators find this system invaluable for creating secure and well-organized networks of all types that interface easily with the rapidly expanding internet.

