1) What is Active Directory:
Active Directory (AD) is a proprietary architecture of Microsoft. This is an indispensable architecture on Windows Server, understandably a directory service. Active Directory is a standardized system with perfect centralized management capabilities for users as well as resources in a network. Active Directory is used in the “Server – Client” network model.
When Windows 2000 is released, Microsoft integrates an Active Directory component. When a Windows server uses Windows 2000 Server, Windows Server 2003 or Longhorn Server, the domain controller’s job is to run the Active Directory service. The Active Directory is the heart of Windows Server 2003, almost all of the activities that take place on the system are controlled and controlled by Active Directory. From Windows NT4.0 or later, Microsoft has developed the Active Directory system used to store domain data such as user, computer, and group objects that provide services (search directory). Access, authorization, and especially authentication services built on the Kerberos protocol support single sign-on mechanisms, allowing users to only authenticate once when logging into the domain and have can access all of the system’s shared resources and services with valid permissions.
With its services and utilities, Active Directory mitigates management and improves operational efficiency, tasks that are almost impossible to implement on a distributed, peer-to-peer network. Now we can easily proceed through a centralized management model, such as providing general policies for the entire system, but at the same time can delegate administration to divide management capabilities in one large environment.
2) Active Directory features:
Centralized Data Store – Centralized data storage: All data and information in the system are stored centrally, allowing users to access data from anywhere, anytime time to improve the management performance of the system, reducing the lack of risk for resources.
Scalability – Flexibility with demand: Active Directory provides flexible management solutions for each specific needs on the defined infrastructure of businesses.
Extensibility – The Active Directory database allows administrators to customize and develop, in addition to being able to develop applications using this database, making full use of their capabilities and performance. Active Directory.
Manageability – Easy management capabilities: The Active Directory is organized under the Directory Service mechanism under the Directory organization model, giving administrators the most comprehensive view of the system and helping users to can easily access and use system resources.
Integration with Domain Name System (DNS): DNS is an essential partner for Active Directory, in a network, Active Directory services only work when DNS services are installed. DNS is responsible for navigating, resolving Active Directory Domain Controllers in the network, and is even more important in the Multi-Domain environment. DNS is easily integrated into Active Directory to enhance security and the ability to synchronize domain controllers with each other in multiple Domain environments.
Client Configuration Management: Active Directory provides us with the ability to administer client-side configurations, making system administration easier and improving user mobility.
Policy-based administration: In Active Directory, network management is ensured through resource management policies and access rights on sites, domains, and organizational units. This is one of the most important features integrated into Active Directory.
Replication of information: Active Directory provides the ability to synchronize information data between domains, on the platform, and multiple domain environments with the aim of minimizing risks and improving the performance of network systems.
Flexible, secure authentication and authorization: Active Directory provides many authentication mechanisms such as Kerberos, Secure Socket Layer and Transport Layer Security to help secure user information when authenticating resource access information.
Security integration: Active Directory is integrated by default in Windows Server versions, so Active Directory works very easily and flexibly, access control on the system defined on each object, each property of the statue. Not only that, the security policies applied are not only on local but also applied on defined sites, domains or OU.
Directory – enable applications and infrastructure: Active Directory is an excellent environment for administrators to configure and configure