Microsoft developed a directory service for a Microsoft Domain network and this directory service is referred to as Active Directory. It is included in most Windows Server Operating Systems as a set of processes and services.
Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft's version of Kerberos, and DNS.
To understand above sentences we need to understand what Directory Service, Microsoft Domain, Domain Controller is. Lets find out what it is.
Directory Service
To administer, manage, locate and organize everyday items and network resources we require a share information infrastructure. Everyday items and network resources can include any or all of files, folders, users, groups, printers, volumes, devices, telephone numbers and other objects.
Directory Service is a service or infrastructure to map the names of network resources to their respective network addresses. It is a critical component of a network operating system. Such service is provided by a server and that server is known as directory server. Each network resources is called object.
What directory service does is, it defines a namespace for the network. Namespace assigns a name, called unique identifier, to each of above mentioned objects. Directories have a set of rules determining how network resources are named and identified; basic requirement is that the identifiers need to be unique and unambiguous.
When user uses a directory services there is no need for user to remember the physical address of a network resource. User can locate the resource using name. However, some directory services may include access control mechanism which could limit the accessibility and availability of directory information to authorized users.
Microsoft Domain
Microsoft domain is a computer network in which all user accounts, computers, printers and other security principals are registered with a central database located on one or more clusters of central computers known as domain controllers. Authentication takes place on domain controllers.
Each user who uses computers within a domain receives a unique user account that can be assigned access to resources within the domain. Active directory is the Windows component in charge of maintaining that central database.
Domain Controller
On Microsoft Servers, a domain controller (DC) is a server computer that responds to security authentication requests (logging in, checking permissions, etc.) within a Windows domain.
In other words, a server running Active Directory Domain Services (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows Domain type network. It assigns and enforces security policies for all computers and installing or updating software.
Example:
When a user logs into a computer that is part of windows domain, Active Directory is the one that checks thus submitted password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information at admin level and provides authentication and authorization mechanisms.
Lightweight Directory Access Protocol (LDAP)
The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.
microsoft office 365 subscription for all your devices with exclusive monthly upgrades and new features of Word, Excel, PowerPoint, Onenote, Outlook, Publisher, Access, Supports 1 User / 5 PCs/Macs, 5 Tablets, 5 Phones Devices.
ReplyDelete