A

Active Directory

Alias : active directory, ad

Active Directory (AD) is a directory service created by Microsoft that centralizes the management of users, computers, and resources (printers, file shares) within a Windows network. It's the "brain" of the company: it ensures that the right person has secure access to the right resources.

Active Directory (AD) is a directory service created by Microsoft that centralizes the management of users, computers and resources (printers, file shares) within a Windows network.

It is the “brain” of the company: it ensures that the right person has access to the right resources, securely.

What is its practical purpose?

  • Single Sign-On (SSO): A user has only one username and password to log in to any PC on the network and access its applications.
  • Centralized management: The administrator can create, modify, or delete a user account in one place, and the change is reflected everywhere.
  • Security and Rights: We define who has the right to open a particular file or use a particular printer via… Security groups.
  • GPO application: It is via Active Directory that the famous configuration rules (wallpapers, USB restrictions) are deployed across the entire network.

The 3 key concepts of AD

  1. The Domain Controller (DC): This is the server that hosts the Active Directory database and validates user connections.
  2. The Organizational Unit (OU): A sort of “folder” to classify users by department (e.g., Accounting, HR, IT) in order to apply specific rules to them.
  3. The Forest: This is the highest level which encompasses all areas of a company.

Analogy: Active Directory is like the badge system of a large office building. The badge (your AD account) allows you to pass through the main entrance, but also to open only the doors of the offices to which you have access.