In this introductory lesson, I will try to present Active Directory in general terms and without going into the technical details.
Active Directory is often presented as an LDAP (Lightweight Directory Access Protocol) directory proprietary to Microsoft. This definition is reductive.
In summary, Active Directory is a set of services available on Windows Server, presented as the AD DS (Active Directory Domain Services) role.
The basis of Active Directory is indeed an LDAP (protocol) directory with a set of services that rely on this directory.
Here is a non-exhaustive list of services available when installing the AD DS role:
- An LDAP directory
- Identification and authentication of elements on the company network
- DNS
- Network time service (NTP)
- Grouping of information system elements (computers, users) into a logical entity (domain).
- Implementation of policies that apply settings to computers and users (roaming profiles, redirection of user folders to a server, locking of certain features, mapping of network drives and printers…).
- Resource sharing (Network drive, shared printers…)
- Resource access management (permissions based on group membership…)
- …
Once the Active Directory role is configured, the server is referred to as a domain controller.
Computers integrated into the Active Directory environment are members of the domain.
Home versions of Windows cannot be members of a domain; this is reserved for Professional and Enterprise versions.
The main element that defines an Active Directory environment is a domain name, like the one used to identify a website.
Active Directory services are widely used in businesses because they allow administrators to have a centralized environment to manage all the services mentioned above.
In addition, many ancillary services such as messaging (Exchange, SharePoint) and third-party software can interact with Active Directory services to centralize authentication and access rights.