What is an Active Directory and How Does It Work?
An active directory is a service that is provided by Microsoft that stores information about items on a network so the information can be easily made available to specific users through a logon process and network administrators. By using an Active Directory it is possible to view an entire series of network objects from a single point and obtain an overall hierarchal view of the network.
How an Active Directory Works
An Active Directory performs a variety of tasks which include providing information on objects such as hardware and printers and services for the end users on the network such as Web email and other applications.
- Network Objects: Network objects are anything that is associated with the network such as a printer, end user applications, and security applications that are implemented by the network administrator. Network objects can also contain additional objects within their file structure which are identified by a folder name. Each object has its own unique identification by the specific information that is contained within the object.
- Schemas: Since network objects each have their own identification which is also known as a characterization schema, the type of identification is the determining factor as to how each object will be used on the network.
- Hierarchy: The hierarchal structure determines how each object can be viewed within the hierarchy which consists of three different levels which are known as a forest, tree, and domain with the forest being the highest level that allows the network administrator to see all of the objects in the active directory. The trees are the second level of the hierarchy each of which can hold multiple domains.
How an Active Directory is Used
Active Directories are used by network administrators to simplify network maintenance processes within a large organization. Instead of having to perform updates manually, a network administrator can update one object in a single process.
Active Directories are also used by network administrators to allow or deny access to specific application by the end user through the trees in the network. Additionally, they are used to keep a large network organized and maintained without having to perform each task through an individual process.
Because an Active Directory supports distributed network environments they can be extremely complex and require a network administrator who is well-versed in this type of technology. However, without an Active Directory it would be very difficult for a large organization to effectively store information and data on a large network.