19 Facts About Active Directory


Active Directory is a directory service developed by Microsoft for Windows domain networks.

However, Active Directory eventually became an umbrella title for a broad range of directory-based identity-related services.

For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or normal user.

Active Directory uses Lightweight Directory Access Protocol versions 2 and 3, Microsoft's version of Kerberos, and DNS.

Active Directory support was added to Windows 95, Windows 98 and Windows NT 4.

Self-managed Active Directory DS must not be confused with managed Azure AD DS, which is a cloud product.

Active Directory Lightweight Directory Services, formerly known as Active Directory Application Mode, is an implementation of the LDAP protocol for AD DS.

Active Directory Federation Services is a single sign-on service.

Active Directory Rights Management Services is server software for information rights management shipped with Windows Server.

The executable part, known as Active Directory System Agent, is a collection of Windows services and processes that run on Windows 2000 and later.

In Microsoft's Active Directory, OUs do not confer access permissions, and objects placed within OUs are not automatically assigned access privileges based on their containing OU.

Active Directory requires a separate step for an administrator to assign an object in an OU as a member of a group within that OU.

A common workaround for an Active Directory administrator is to write a custom PowerShell or Visual Basic script to automatically create and maintain a user group for each OU in their directory.

The Active Directory database is organized in partitions, each holding specific object types and following a specific replication pattern.

Servers joined to Active Directory that are not domain controllers are called member servers.

Replication for Active Directory zones is automatically configured when DNS is activated in the domain-based by the site.

In general, a network utilizing Active Directory has more than one licensed Windows server computer.

Backup and restore of Active Directory is possible for a network with a single domain controller, but Microsoft recommends more than one domain controller to provide automatic failover protection of the directory.

Varying levels of interoperability with Active Directory can be achieved on most Unix-like operating systems through standards-compliant LDAP clients, but these systems usually do not interpret many attributes associated with Windows components, such as Group Policy and support for one-way trusts.
