What is Active Directory ?
Active Directory is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems.
Active Directory provides a central location for network administration and security.
Server computers that run Active Directory are called domain controllers.
An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network assigning and enforcing security policies for all computers and installing or updating software. For example, when a user login into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a have authorization or not.
Active Directory makes use of Lightweight Directory Access Protocol,Kerberos and Domain Name System to manage environment.
Structure
An Active Directory structure is a hierarchical arrangement of information about objects(ex:users,computers,etc..). The objects fall into two broad categories: resources (e.g., printers) and security principals (user or computer accounts and groups). Security principals are assigned unique security identifiers (SIDs).
Each object represents a single entity—whether a user, a computer, a printer, or a group—and its attributes. Certain objects can contain other objects. An object is uniquely identified by its name and has a set of attributes—the characteristics and information that the object represents— defined by a database schema, which also determines the kinds of objects that can be stored in Active Directory.
The following diagram illustrates the relationship of the Active Directory domains, OUs, trees, and forests.
good work