Microsoft Active Directory Domain Services (AD DS) directory service is the distributed directory service that is included with Microsoft Windows Server operating systems. Microsoft Active Directory enables centralized, secure management of an entire network, which might span a building, a city, or multiple locations throughout the world. Microsoft Active Directory includes the following; Microsoft Active Directory DS on a Windows Server Network, Microsoft Active Directory Lightweight Directory Services (AD LDS), Structure and storage technologies, domain controller roles, replication technologies, search and publication technologies, and installation, upgrade, and migration technologies. You can connect to any domain controller remotely from any Microsoft Windows-based computer that has administrative tools installed. Microsoft Active Directory DS provides a central location to store data that is shared between applications and with applications that need to distribute their data across entire Windows networks.
A directory service provides a centralized location to store information in a distributed environment about networked devices and services and the people who use them. A directory service also implements the services that make this information available to users, computers, and applications. A directory service is both a database storage system (directory store) and a set of services that provide the means to securely add, modify, delete, and locate data in the directory store. Microsoft Active Directory provides — a central location for network administration and delegation of administrative authority. You have access to objects representing all network users, devices, and resources and the ability to group objects for ease of management and application of security and Group Policy. Information security and Single Sign-On for user access to network resources — tight integration with security eliminates costly tracking of accounts for authentication and authorization between systems.
Microsoft Active Directory DS On Microsoft Windows Server
Microsoft Active Directory DS is the information hub of the operating system. The following figure shows Microsoft Active Directory DS as the focal point of the Windows Server network used to manage identities and broker relationships between distributed resources so they can work together. Users and administrators can use desktop tools to search Microsoft Active Directory DS. By default, searches are directed to the global catalog, which provides forest wide search capabilities. The Internet standard computer location system. Microsoft Active Directory DS uses DNS to implement an IP-based naming system so that Microsoft Active Directory DS services and domain controllers are locatable over standard IP both on intranets and the Internet. Lightweight Directory Access Protocol (LDAP) support; LDAP is the industry standard directory access protocol, making Microsoft Active Directory DS widely accessible to management and query applications.
Microsoft Active Directory DS
Internal directory is used within the corporate network for publishing information about users and resources within the enterprise. A company’s internal directory may be accessible to employees when they are outside the company network using a secure connection such as a virtual private network (VPN) connection, but it is not accessible to non-employees. External Directory — these are directories typically located on servers in the perimeter network or demilitarized zone (DMZ) at the boundary between the corporate local area network (LAN) and the public Internet. External directories are typically used to store information about customers, clients, and business partners who access external applications or services. They are also made available to customers, clients, and business partners to provide them with selected business information such as catalogs and so on. Microsoft Active Directory — application directories store “private” directory data that is relevant only to the application in a local directory.
Microsoft Active Directory