Active Directory  «Prev  Next»
Lesson 2What is Active Directory?
Objective Define Active Directory.

What is Active Directory?

Role of System Administrator

As a system administrator or as a technical support professional, you will need to have a thorough understanding of Active Directory. In this lesson, we will provide a global view of Active Directory, what it is, how it works, and how it relates to network topology. The topics discussed here will be explored in greater detail later in this course.

Overview of Active Directory

This is the Active Directory

The SlideShow below will give you a global view of Active Directory's contents.


  1. Active Directory is Windows Directory Service. It is a centralized database that contains network information.
  2. Active Directory contains information on all network resources, such as users, groups, and printers, anything that interacts and uses the network
  3. These resources are represented by objects.
  4. The objects have attributes that provide you with a way to define and access the object.
Active Directory Diagram

Active Directory and Network Topology

If Active Directory has geographically different locations, you may wish to divide or partition a network into sites, which you will learn about in detail in the module that follows. In sum, Active Directory not only lets you view the contents of a system from the most general to the most particular. It also provides you with the tools to make that information accessible, no matter what the size or configuration of your network. In subsequent lessons, we will examine the Active Directory and its structure in greater depth. In the next lesson, you will learn about the technologies supported by Active Directory.

What Does the Active Directory Do?

The Active Directory is a directory service and provides a number of different services relating to the organized storage of network resources. The following points highlight some of the Active Directory’s features:
  1. Organized Approach: The Active Directory brings order to your network by organizing network resources, such as user accounts, group accounts, shared folders, printers, and so on. With the Active Directory, users can quickly find information they need.
  2. Ease of administration: Windows 2000 networks no longer use primary domain controllers (PDCs) and backup domain controllers (BDCs). All domain controllers are simply peers, providing you a single point of administration and excellent fault tolerance..
  3. Removes Topology from Users: The Active Directory helps remove knowledge of the network topology from end users. End users do not have to know which server holds which resource and where it is located on the network. The Active Directory contains powerful query capabilities so users can perform full text searches to find what resources they need
  4. Reduction of NT Domains: This is the part where all Windows NT network administrators cringe. A major goal of the Active Directory is to make large networks more manageable and part of that lofty goal is to reduce the number of NT domains. The Active Directory does not have a domain user/group account limit (well, it does have one of about 1 million), and due to its design, many networks that currently have several existing NT domains now need only one Windows 2000 domain.
  5. Growth Potential: Two buzzwords thrown around about the Active Directory are scalability and extensibility. Scalability means that a service can grow with the needs of your network. The Active Directory is a scalable product because it can grow to meet the needs of your network. The Active Directory works on a network of a few hundred computers or on a network of thousands of computers. Extensibility means that service can be extended. The Active Directory can be extended in terms of its namespace and through resources it contains.
  6. Standardization: The Active Directory is completely built on networking and protocol standards that currently exist and are heavily used. In other words, there are no totally new standards that must be mastered. The Active Directory is built on a TCP/IP network, which is the networking protocol of choice these days, and it is completely integrated with Domain Name System (DNS) and Lightweight Directory Access Protocol (LDAP), both of which are explored in detail later in this book.
  7. Network Control: The Active Directory offers a very fine level of network management, both in terms of server management and desktop management. Through Windows 2000’s Group Policy, you can manage network user desktop configurations much more easily and effectively. Through the Active Directory, you can finely control resource security and even delegate administrative tasks to other people through Delegation of Control.
  8. Easier WAN Management: Once you get Active Directory correctly set up, it manages its own replication topology. The Active Directory includes more internal services that help it manage and control its own processes, including replication. This feature keeps administrators out of such deathly details and enables software to take care of itself and replicate data between domain controllers and sites as needed.