Active Directory is a directory service developed by Microsoft for Windows domain networks.
|FactSnippet No. 1,567,388|
However, Active Directory eventually became an umbrella title for a broad range of directory-based identity-related services.
|FactSnippet No. 1,567,389|
For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or normal user.
|FactSnippet No. 1,567,390|
Active Directory uses Lightweight Directory Access Protocol versions 2 and 3, Microsoft's version of Kerberos, and DNS.
|FactSnippet No. 1,567,391|
Active Directory support was added to Windows 95, Windows 98 and Windows NT 4.
|FactSnippet No. 1,567,392|
Self-managed Active Directory DS must not be confused with managed Azure AD DS, which is a cloud product.
|FactSnippet No. 1,567,393|
Active Directory Lightweight Directory Services, formerly known as Active Directory Application Mode, is an implementation of the LDAP protocol for AD DS.
|FactSnippet No. 1,567,394|
Active Directory Federation Services is a single sign-on service.
|FactSnippet No. 1,567,395|
Active Directory Rights Management Services is a server software for information rights management shipped with Windows Server.
|FactSnippet No. 1,567,396|
The executable part, known as Active Directory System Agent, is a collection of Windows services and processes that run on Windows 2000 and later.
|FactSnippet No. 1,567,397|
In Microsoft's Active Directory, OUs do not confer access permissions, and objects placed within OUs are not automatically assigned access privileges based on their containing OU.
|FactSnippet No. 1,567,398|
Active Directory requires a separate step for an administrator to assign an object in an OU as a member of a group within that OU.
|FactSnippet No. 1,567,399|
Common workaround for an Active Directory administrator is to write a custom PowerShell or Visual Basic script to automatically create and maintain a user group for each OU in their directory.
|FactSnippet No. 1,567,400|
Active Directory database is organized in partitions, each holding specific object types and following a specific replication pattern.
|FactSnippet No. 1,567,401|
Servers joined to Active Directory that is not domain controllers are called Member Servers.
|FactSnippet No. 1,567,402|
Replication for Active Directory zones is automatically configured when DNS is activated in the domain-based by the site.
|FactSnippet No. 1,567,403|
In general, a network utilizing Active Directory has more than one licensed Windows server computer.
|FactSnippet No. 1,567,404|
Backup and restore of Active Directory is possible for a network with a single domain controller, but Microsoft recommends more than one domain controller to provide automatic failover protection of the directory.
|FactSnippet No. 1,567,405|
Varying levels of interoperability with Active Directory can be achieved on most Unix-like operating systems through standards-compliant LDAP clients, but these systems usually do not interpret many attributes associated with Windows components, such as Group Policy and support for one-way trusts.
|FactSnippet No. 1,567,406|