19 Facts About Active Directory

Active Directory is a directory service developed by Microsoft for Windows domain networks.

However, Active Directory eventually became an umbrella title for a broad range of directory-based identity-related services.

For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or normal user.

Active Directory uses Lightweight Directory Access Protocol versions 2 and 3, Microsoft's version of Kerberos, and DNS.

Active Directory support was added to Windows 95, Windows 98 and Windows NT 4.

Related searches

Self-managed Active Directory DS must not be confused with managed Azure AD DS, which is a cloud product.

Active Directory Lightweight Directory Services, formerly known as Active Directory Application Mode, is an implementation of the LDAP protocol for AD DS.

Active Directory Federation Services is a single sign-on service.

Active Directory Rights Management Services is a server software for information rights management shipped with Windows Server.

The executable part, known as Active Directory System Agent, is a collection of Windows services and processes that run on Windows 2000 and later.

In Microsoft's Active Directory, OUs do not confer access permissions, and objects placed within OUs are not automatically assigned access privileges based on their containing OU.

Active Directory requires a separate step for an administrator to assign an object in an OU as a member of a group within that OU.

Common workaround for an Active Directory administrator is to write a custom PowerShell or Visual Basic script to automatically create and maintain a user group for each OU in their directory.

Active Directory database is organized in partitions, each holding specific object types and following a specific replication pattern.

Servers joined to Active Directory that is not domain controllers are called Member Servers.

Replication for Active Directory zones is automatically configured when DNS is activated in the domain-based by the site.

In general, a network utilizing Active Directory has more than one licensed Windows server computer.

Backup and restore of Active Directory is possible for a network with a single domain controller, but Microsoft recommends more than one domain controller to provide automatic failover protection of the directory.

Varying levels of interoperability with Active Directory can be achieved on most Unix-like operating systems through standards-compliant LDAP clients, but these systems usually do not interpret many attributes associated with Windows components, such as Group Policy and support for one-way trusts.