Home | Articles | About | Contact | Forum |
Friday, September 20, 2019

Lunarpages.com Web Hosting

Mailing List

By Joining the mailing list you will be notified of site updates.

Show Your Support For
This Site By Donating:

Audience: Newbies - Self Learners
Last Updated: 10/24/2011 12:08:15 AM
**All times are EST**

Active Directory Basics

By Erik Rodriguez

This article is a plain and simple explanation of Microsoft Active Directory. What it is, and how it works.

What is Active Directory?

After years of working with Windows Server I'll give you an understandable definition. AD is an organizational database of all the objects, and users in a Windows network. It centrally organizes all the resources in an organization for security and distribution. What the hell does that mean? I'll explain it. It's actually pretty simple, and makes sense. The next few sections will explain some of the features that make AD so attractive.

Think of AD as a "directory." Meaning, all services and actions performed must contact the directory for details and locations. AD is the heart of a Windows network.It provides the function of everything from holding namespace all the way to granular security. AD serves as a true "directory" of user accounts, aliases, object and server names. Permissions and access controls are easily defined and management of network resources is simplified. If you ever worked with Novell Directory Services (NDS) active directory will seem similar.

Global Catalog Server

A global catalog server is created by default when AD is deployed on a Windows server. It is used to process logons and answers other queries about the state and location of different objects in the forest. You can specify other servers in your organization to also act as global catalog servers. In organizations with 2 Windows Servers, I always specify the second server as a duplicate GC and domain controller. This ensures that users can still logon to the domain in the event that one of servers is down.

Domain Controller

By default, when you install Windows Server, it will have the role of a "stand-alone server." In order to use AD, that role must be changed to a domain controller. The next question you might ask is, how is a domain controller different from a stand-alone server. The simple answer: many ways. A stand-alone server acts much like a regular [xp] box. A DC holds domain-wide directory data and manages user-domain interactions. They process logons, authentication and directory searches. By running a server as a DC with Active Directory, management is simplified, and you get a rich, full-featured set of tools to run your network.

Components of a Domain Controller

A domain controller holds all the user accounts, groups, and other organization units of the network. These are often referred to as "objects." Active directory creates and maintains a "Global Catalog." The GC is used as a reference to find different objects. It doesn't come into play too much in a small, single-domain network. However, it is important, as many things will take much longer without it. The best feature of AD is that it will synchronize with any other DC in it's domain. For example, you have two servers running AD on the network. If you add two user accounts on server1, those user accounts will automatically appear on server2 in a few minutes. It's called replication. Replication is what makes AD a night in shinning armor.

Personally, I had a situation where a two-server network was operational after one had crashed. However, the server that crashed was the GC, and the second server was not an additional GC. Users were still able to logon (using cached credentials), but navigating through different file shares and some other AD dependent tasks took nearly 4 times as long. This was because the AD was requesting objects from the GC. When it figured out the GC wasn't available, it simple used a "cached" copy of the information from the active directory. Needless to say everyone bitched about how slow the network was until I was able to fix it.

Contact Us

If you found this information useful, click the +1 button

Your E-mail:


Type verification image:
verification image, type it in the box


NOTE: this form DOES NOT e-mail this article, it sends feedback to the author.

Juniper SRX anti-spam filtering config
Windows Server 2008 Clustering Configuration
Windows 2008 R2 Network Load Balancing (NLB)
Extreme Networks: Downloading new software image
Juniper SRX save config to USB drive
Juniper SRX logout sessions
Extreme Networks Syslog Configuration
Command line drive mapping
Neoscale vs. Decru
Data Security vs. Data Protection
Juniper SRX Cluster Configuration
HOWTO - Create VLAN on Extreme Switch
Using a Non-local Colocation Facility
Linux Server Administration
IT Chop Shops
Flow Viewers: SFLOW, NetFLOW, and JFLOW
Exchange 2007 Back Pressure
IPtables open port for specific IP
Politics in IT Departments
HOWTO - Block Dropbox
Cisco IOS Cheat Sheet
Subnet Cheat Sheet
Design a DMZ Network
How DNS works
Firewall Configuration
Juniper SSG Firewalls
Server Management
Configuring VLANs
Runlevels in Linux
Server Clustering
SONET Networks
The Red Hat Network
Server Colocation
Complicated Linux Servers
Dark Fiber
Data Center Network Design
Firewall Types
Colocation Bandwidth

Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez