Active Directory Domain Services (AD DS)

AD DS is a database of all the users, computers, folders, printers, and other objects connected to your network. Its most common use is to authenticate the users on the network. Active Directory is organized into a tree structure in which an object can have multiple children but only one parent. Common objects are users, computers, printers, folders, and files, which are grouped into containers, usually organizational units. Containers provide structure and separation for the objects in a directory.

AD DS Structure

Active Directory is made up of forests and domains. An Active Directory forest is the top level in the hierarchy. A forest is a collection of Active Directory domains that share a schema and some security principals. There are automatic trust relationships between all domains in a forest, meaning that accounts in one domain in the forest can be granted rights to resources in other domains. Below the forest are the domains, each of which is a collection of objects that share the same database in Active Directory.


At the root of all AD DS installations is the domain, and when AD DS is installed onto a Windows Server, that server becomes the domain controller (DC) where the directory is stored. The DC is responsible for answering all authentication requests, object queries, and all other activity performed against the directory. A DC is also authoritative for only one domain, so if you have a second domain you need to create a new DC in that domain. You should have at least two domain controllers per domain for redundancy. Also make sure you take regular backups of the domain controllers in the root domain.
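
The one-parent tree and the two-DCs-per-domain recommendation described above can be checked from an exported list of distinguished names. This is an added example, not code from the original page. The sample DNs, domain names, and function names are constructed for illustration, and it assumes DC computer objects sit in the default "Domain Controllers" OU.

```python
import re
from collections import defaultdict

# Constructed sample distinguished names (not from a real directory).
SAMPLE_DNS = [
    "CN=DC01,OU=Domain Controllers,DC=corp,DC=example,DC=com",
    "CN=DC02,OU=Domain Controllers,DC=corp,DC=example,DC=com",
    "CN=DC03,OU=Domain Controllers,DC=eu,DC=corp,DC=example,DC=com",
    r"CN=Smith\, John,OU=Sales,OU=Staff,DC=corp,DC=example,DC=com",
    "CN=PRN-2F,OU=Printers,DC=eu,DC=corp,DC=example,DC=com",
]

def split_dn(dn):
    """Split a DN into RDNs, ignoring commas escaped with a backslash."""
    return [part.strip() for part in re.split(r"(?<!\\),", dn)]

def parent_dn(dn):
    """Every object has exactly one parent: the DN minus its first RDN."""
    rdns = split_dn(dn)
    return ",".join(rdns[1:]) if len(rdns) > 1 else None

def domain_of(dn):
    """Join the DC= components into the DNS name of the owning domain."""
    return ".".join(r[3:] for r in split_dn(dn) if r.upper().startswith("DC="))

def children_by_container(dns):
    """Group objects under their parent container (one parent, many children)."""
    tree = defaultdict(list)
    for dn in dns:
        tree[parent_dn(dn)].append(split_dn(dn)[0])
    return dict(tree)

def domains_lacking_redundancy(dns, minimum=2):
    """Return domains with fewer than `minimum` objects in OU=Domain Controllers.

    Assumption: DCs are in the default "Domain Controllers" OU of their domain.
    """
    counts = {domain_of(dn): 0 for dn in dns}
    for dn in dns:
        if (parent_dn(dn) or "").upper().startswith("OU=DOMAIN CONTROLLERS,"):
            counts[domain_of(dn)] += 1
    return sorted(d for d, n in counts.items() if n < minimum)

if __name__ == "__main__":
    for container, kids in children_by_container(SAMPLE_DNS).items():
        print(container, "->", kids)
    print("Domains below two DCs:", domains_lacking_redundancy(SAMPLE_DNS))
```

On the constructed sample, the child domain has a single DC and is the one reported.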