An active directory is a service that is provided by Microsoft that stores information about items on a network so the information can be easily made available to specific users through a logon process and network administrators. By using an Active Directory it is possible to view an entire series of network objects from a single point and obtain an overall hierarchal view of the network.
How an Active Directory Works
An Active Directory performs a variety of tasks which include providing information on objects such as hardware and printers and services for the end users on the network such as Web email and other applications.
* Network Objects: Network objects are anything that is associated with the network such as a printer, end user applications, and security applications that are implemented by the network administrator. Network objects can also contain additional objects within their file structure which are identified by a folder name. Each object has its own unique identification by the specific information that is contained within the object.
* Schemas: Since network objects each have their own identification which is also known as a characterization schema, the type of identification is the determining factor as to how each object will be used on the network.
* Hierarchy: The hierarchal structure determines how each object can be viewed within the hierarchy which consists of three different levels which are known as a forest, tree, and domain with the forest being the highest level that allows the network administrator to see all of the objects in the active directory. The trees are the second level of the hierarchy each of which can hold multiple domains.
How an Active Directory is Used
If you are a computer administrator for a large corporation or organization, you can easily update all end users computers with new software, patches and files simply by updating one object in a forest or tree.
Because each object fits into a set schema and has specific attributes, a network administrator can easily clear a person on a set tree or instantly give or deny access to select users for certain applications. The Microsoft servers use trust to determine whether or not access should be allowed. Two types of trusts that Microsoft active directories incorporate are transitive trusts and one way non transitive trusts. A transitive trust is when there is a trust that goes further than two domains in a set tree, meaning two entities are able to access each other’s domains and trees.
A one way transitive trust is when a user is allowed access to another tree or domain; however, the other domain does not allow access to the further domains. This can be summed up as a network administrator and end user. The network administrator can access most trees in the forest including a specific end user’s domain. However, the end user, while able to access his or her own domain, cannot access other trees.
It is important to note that active directories are a great way to organize a large organization or corporation’s computers’ data and network. Without an active directory, most end users would have computers that would need to be updated individually and would not have access to a larger network where data can be processed and reports can be created. While active directories can be technical to a good extent and require considerable expertise to navigate, they are essential to storing information and data on networks.
Not Satisfied ? Just search & get the result
Related posts:
