Active Directory Facts
Active Directory is a centralized database that contains user account and security information.
- In a workgroup, security and management takes place on each computer, with each computer holding information about users and resources. With Active Directory, all computers share the same central database.
- The domain is the basic administrative unit of an Active Directory structure. A domainis an administratively-defined collection of network resources that share a common directory database and security policies.
- The domain allows for central administration of security settings and other administrative tasks.
- Domains can contain a number of different types of computers and operating systems, even computers not using a Windows operating system.
- Computers must be joined to a domain. Edit the System Properties to join the computer to a domain.
- To join a Windows 7 computer to a domain, the computer must be running Professional, Enterprise, or Ultimate editions.
- Database information is replicated (shared or copied) within a domain.
- Security settings are not shared between domains.
- Domains in Active Directory are identified using DNS names. The common name is the domain name itself. The distinguished name includes the DNS context or additional portions of the name.
- Within Active Directory, each resource is identified as an object. Common objects include users, groups, computers, and shared folders.
- Each object contains attributes (i.e. information about the object such as a user's name, phone number, and e-mail address) which is used for locating and securing resources.
- Active Directory uses DNS for locating and naming objects.
- Container objects hold or group other objects, either other containers or leaf objects.
- An organizational unitis like a folder that subdivides and organizes network resources within a domain. An organizational unit:
- Is a container object.
- Can be used to logically organize network resources.
- Simplifies security administration.
- In addition to OUs, Active Directory has predefined generic container objects. Like OUs, generic containers are used to organize Active Directory objects. Generic container objects have very few editable properties and cannot be created, moved, renamed, or deleted.