Active Directory was initially released with Windows 2000 Server and revised with additional features in Windows Server 2008. Active Directory provides a common interface for organising and maintaining information related to resources connected to a variety of network directories. The directories may be systems-based (like Windows OS), application-specific or network resources, like printers. Active Directory serves as a single data store that gives all users quick access to data and controls access for users based on the directory's security policy.
Active Directory provides the following network services:
- Lightweight Directory Access Protocol (LDAP) - An open standard used to access other directory services
- Security service using the principles of Secure Sockets Layer (SSL) and Kerberos-based authentication
- Hierarchical and internal storage of organisational data in a centralised location for faster access and better network administration
- Data availability in multiple servers with concurrent updates to provide better scalability
Active Directory is internally structured as a hierarchy. Each node in the tree-like structure is referred to as an object and is associated with a network resource, such as a user or service. Much like a database schema, the Active Directory schema specifies the attributes and type of each defined Active Directory object, which makes it possible to search for connected network resources by their assigned attributes. For example, if a user needs to use a printer with color printing capability, the object attribute may be set with a suitable keyword, so that it is easier to search the entire network and identify the object's location based on that keyword.
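The attribute search described above reaches the directory as an LDAP filter. The following added example (not part of the original article) builds such a filter in Python and escapes caller-supplied values per RFC 4515, so a search keyword cannot change the filter's structure. The `printQueue` class and `printColor` attribute are used for illustration, and `description` as the attribute holding the keyword is an assumption.

```python
import re

# Characters that RFC 4515 requires to be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*")


def escape_value(value: str) -> str:
    """Escape one value character by character, so a backslash is never escaped twice."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def _clause(name: str, value: str, substring: bool = False) -> str:
    # Attribute names should come from code, not users, but are validated anyway.
    if not _ATTR_NAME.fullmatch(name):
        raise ValueError(f"invalid attribute name: {name!r}")
    escaped = escape_value(value)
    return f"({name}=*{escaped}*)" if substring else f"({name}={escaped})"


def build_filter(object_category, equals=None, contains=None) -> str:
    """AND together an objectCategory test, exact matches and keyword matches."""
    clauses = [_clause("objectCategory", object_category)]
    clauses += [_clause(n, v) for n, v in (equals or {}).items()]
    clauses += [_clause(n, v, substring=True) for n, v in (contains or {}).items()]
    return "(&" + "".join(clauses) + ")"


if __name__ == "__main__":
    # Constructed inputs: a colour-printer search, then a keyword containing
    # filter metacharacters, which must come out as inert escaped text.
    print(build_filter("printQueue", equals={"printColor": "TRUE"}))
    print(build_filter("printQueue",
                       contains={"description": "colour)(objectCategory=*"}))
```

The resulting string can be passed as the search filter to any LDAP client; the unescaped form of the second input would have turned one keyword clause into two clauses.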
A domain consists of objects stored within a specific security boundary and interconnected in a tree-like structure. A single domain may have multiple servers, each of which is capable of storing multiple objects. In this case, organisational data is stored in multiple locations, so a single domain may span multiple sites. Each site may have multiple domain controllers for backup and scalability reasons. Multiple domains may be connected to form a Domain Tree, which shares a common schema, configuration and global catalogue (used for searching across domains). A Forest is formed by a set of multiple trusted domain trees and forms the uppermost layer of Active Directory.
Novell's directory service - an Active Directory alternative - contains all server data within the directory itself, unlike Active Directory.