Active OS, network resources; file servers and printers

Active
Directory (AD) is a Windows OS directory service that was embedded into Windows
2000 Server and later improved with more features in Windows Server 2008. It is
currently available in most of Window Server OS’. Its purpose of this directory
service is to manage authentication of every node on the network by implementing
security policies for each. Active Directory facilitates unified working with
interconnected, sophisticated, and different network resources and serves as a
single data store for fast data access to all end-users and manages access
based on the directory’s security blueprint. Active Directory allows network
administrators to create and manage domains, users, and objects on any type of
network; this can be LAN, WAN, MAN or any other. For example, if I was a
network administrator, I could grant specific users or a group of user’s
certain access privileges to particular directories on the server, these users
could be management who would have the clearance to access that information. As
my network grows, Active Directory could support my organisation by offering a
method to organise a multitude of users into easily manageable groups and
subgroups with each having different levels of access control. Active Directory
is a primary component of directory services as it provides all the other
directory services e.g. account management, authentication management for users
on a network.

Active
Directory offers a familiar interface to organise and maintain information concerning
resources that are connected to various network directories e.g. system based, Windows
OS, network resources; file servers and printers or application specific. Active
Directory also supports account management whereby a network server can manage
account access through active directory by allowing them to manage their
accounts without any restrictions on the basic functions. Authentication
details e.g. username, password inputted by the user and checked against the
credentials on the server, based on this the end-user is either allowed or
denied access. Authentication can be controlled and arranged into groups
depending on what information the users are allowed to access. Similarly,
network permissions can be set for individual users or an entire group of
users.

Active
Directory provides a variety of network services to end-users; Lightweight
Directory Access Protocol (LDAP) which is an industry standard application
protocol used to access and maintain distributed directory information services
over an IP network, authentication management e.g. Secure Socket Layer (SSL), Domain
services involving the storage of centralised data and management of
communication between end-users and domains; this service also includes
authentication and search functionality. Furthermore, it provides certificate
services, used to create, distribute, and manage secure certificates. Rights
management service involves copyrighted information being protected from
unauthorised use and digital distribution. Directory Federal Services provides
a single-sign-on (SSO) to validate a user in several web applications in one
session.

Active
Directory’s structure encompasses three fundamental tiers, a. Domains, b. Trees
and c. Forests. Multiple objects e.g. users and devices using the same database
could be grouped into one domain. Multiple domains can be combined into one
group known as a tree. Multiple trees can be grouped into one group called a
forest. The purpose of each tier is to provide their own specific access and
communication privileges to end-users. The directory service can be sectioned into
single or conjoined domains, a single domain can be a cluster of users, computer
systems, and resources such as printers controlled with a specific set of regulations.
A domain contains name, databases, and policies applicable to every resource within
that domain, it is monitored by a Domain Controller (DC) is a server which provides
authentication for users of the domain by responding to security authentication
requests within a Windows Server domain; it is responsible for enabling host access
to windows domain resources and also maintains security policies.