The directory structure used by all Window based servers and pc’s for storing of data and information is the active directory. Created in 1996, originally this was used only for online information.
Also referred to as AD, an active directory has the information providing ability about objects, organizing objects for easy access and retrieval and allowing administrators to set up securities for directories.
This is more of a hierarchical structure having 3 parts consisting of resources such as hardware, services such as web servers and the objects which are main functions of networks and domains.
The framework for objects is rather interesting. Each object could be certain security settings done by an administrator or just hardware such as a printer. The objects are capable of holding other objects within their structure. The objects are all unique with an ID. Adding to these features, these objects have certain attributes by which they can be characterized. These characterizations are generally termed as schemas by the professionals.
Understanding the framework of viewing the objects is an important part of understanding active directories. These directories can be viewed at only one out of three levels viz. trees, forests or domains. The forest is the highest level.
The trees are inside the forest and these further have single or a few domains. As we go down the structure of an active directory, we will come across single domains.
How to use Active Directories?
Updating of many end user computers in a large organization, with all new files and patches etc. can be done very easily by just updating a single object in a forest.
An administrator can very easily allow or deny access instantly to users for particular applications and this is due to each object fitting very well into a particular set schema and having specific attributes. It is on the basis of trust that the Microsoft servers decide on whether to provide access or not. Transitive and one way non transitive are the two types of trust that active directories in Microsoft incorporate. When a trust goes beyond two domains in a set then it is transitive trust.
Transitive trust may also be one way which implies that one user may have access to another domain but the other domain or tree does not have the access to do the same. This is like in the case of an end user and a network administrator. The network administrator has all access to almost all trees inclusive of specific domains while on the other end, an end user would not be able to access trees other than his own domain.
The use of active directories is one of the best ways to keep a large organization’s network and complete data organized. Absence of such an active directory would create the unnecessary hassle of having to update the end user’s computers individually and they would not be able to access the entire large network. These active directories are an integral feature to help storing of data on networks, although they may be highly technical and pose the requirement of expertise to navigate.