Active Directory is a Microsoft technology used to manage computers and other devices on a network.
This is a primary feature of Windows Server, an operating system that runs on both local and Internet-based servers.
Active Directory allows network administrators to create and manage domains, users, and objects on a network. For example, an admin can easily create a group of users and provide them with some specific access rights in some directories in a server.
As a network grows, Active Directory provides a way to organize many users into logical groups and subgroups while providing access control at each level.
An Active Directory structure mainly consists of three main tiers:
Many objects (users or devices) that use the same database can be grouped into a single domain.
Multiple domains are combined into a single group called a tree.
At the same time, multiple trees are grouped to prepare a collection which is called a forest.
Here, each level is assigned specific access rights and communication rights. Active Directory provides many different services under the same umbrella, “Active Directory Domain Services,” or AD DS.
Let us know about all these services:
1. Domain Services stores centralized data and manage communication between users and domains; It also includes login authentication and searches functionality.
2. Certificate Services – It creates, distributes and manages secure certificates.
3. Lightweight Directory Services supports directory-enabled applications using the open (LDAP) protocol.
4. Directory Federation Services – It provides single-sign-on (SSO) to authenticate a user across multiple web applications in a single session.
5. Rights Management – It protects copyrighted information; for this, it prevents unauthorized use and distribution of digital content.
AD DS is included with Windows Server (including Windows Server 10) and designed to manage client systems.
If there is a system running regular versions of Windows and does not have administrative features of AD DS, then they still support Active Directory. This also means that any Windows computer can easily connect with a Windows workgroup to ensure that the user has the correct login credentials.