Active Directory Forest and Active Directory Domain Explained.

Forest: Forest is the top level container of Active Directory infrastructure. A forest can consist of one or more domains and those domains are connected through transitive trust. A forest shares a single schema database, single Exchange organization, single global address list and a security boundary. Note: You may allow access to resources of only those in the same forest. You may want multiple forest if you need:

- more than one Exchange organization

- different forest functional levels

- separate security boundary

Domain: Domain is one level below Active Directory Forest. A domain can consist of one or more organization unit. A domain shares a single administrator group (Domain Admins security group) and same set of objects. Even when a domain shares a single administrator group, you may delegate control over each organization unit (OU).

Domain controller: Every domain consists of one or more domain controllers. Domain controller holds a directory database of its perspective domain. The directory database consists of user objects, computer objects and much more.

Organization unit (OU) is folder/container within a domain. OU can be used to organize set of computers or users. OUs are very useful when implementing different set of polices to a group of users or computers within a domain.

• Pin It
• Share
• Tweet

Be Sociable, Share!

• 

Related posts:

1. Forest and Domain Functional Levels in Windows Server 2003 environment
2. Little about Active Directry
3. Windows Server 2003 Active Directory Terminology and Concepts
4. Windows Server 2003 Active Directory Full
5. Security Principal Accounts in Server 2003 Active Directory

Tagged as: difference between Active Directory Forest and Domain, difference between Forest and Domain, domain, forest, what is difference between Forest and Domain, What is the difference between Active Directory Forest and Domain, what is the difference between Forest and Domain