Active Directory: Frequently Asked Questions



Active Directory FAQs

What is an Active Directory (AD)?

The Microsoft Windows Active Directory glossary defines an Active Directory as Microsoft's directory service database for Windows networks. It stores information about resources on the network and provides a means of centrally organizing, managing, and controlling access to those resources. It was recently renamed Active Directory Domain Services, or AD DS. Microsoft also has a product called Active Directory Lightweight Directory Services, or AD LDS (formerly called Active Directory Application Mode, or ADAM).

What is a domain?

The Microsoft Windows Active Directory glossary defines a domain as an X.500-based hierarchical database of containers and objects. Microsoft domains have a DNS domain name, a security service to authenticate and authorize access to resources, and policies that dictate functionality. Domains are boundaries for administration and replication.

What is a tree?

The Microsoft Windows Active Directory glossary defines a tree as a collection of Active Directory hierarchical domains in a contiguous namespace.

What is a forest?

The Microsoft Windows Active Directory glossary defines a forest as a collection of Active Directory trees that share a Configuration container and Schema and are connected through trusts. The forest acts as a security boundary for an organization and defines the scope of authority for administrators.

What is a schema?

The Microsoft Windows Active Directory glossary defines a schema as the structure of the data in a database. In Active Directory, the Schema container defines the object classes and the attributes that apply to each class in Active Directory.

What is a global catalog (GC)?

The Microsoft Windows Active Directory glossary defines a global catalog (GC) as a read-only catalog of all objects in a forest, which contains a subset of the attributes. The subset of attributes is called the partial attribute set (PAS). A domain controller can be designated a GC.

What is an organizational unit (OU)?

The Microsoft Windows Active Directory glossary defines an organizational unit as a type of container in an Active Directory domain. It can contain objects like users, computers, contacts, groups, or other OUs or containers. OUs can also have group policies applied.

What is a group policy?

The Microsoft Windows Active Directory glossary states that a group policy is a policy linked to Active Directory domains, organizational units, or groups, which is applied to the child objects within. Group policies are defined in Group Policy Objects (GPOs).

What is an access control list (ACL)?

The Microsoft Windows Active Directory glossary defines an access control list as a collection of Access Control Entries (ACEs) that specify the security applied to a resource.

What is an access control entry (ACE)?

The Microsoft Windows Active Directory glossary states that ACE is an acronym for Access Control Entry. ACEs are the individual entries in a security descriptor (called an access control list or ACL). Each ACE specifies the permissions granted or denied to trustees for the resource to which the ACE applies.
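
As an added illustration of the ACL and ACE definitions above (not part of the original article or of Microsoft's glossary), this Python example splits the DACL of an SDDL string, Microsoft's text form of a security descriptor, into its ACEs and flags allow entries that give Everyone or Authenticated Users a modifying right. The token tables are a subset, the choice of "risky" rights and "broad" trustees is an assumption of this example, and the sample string is constructed.

```python
import re

# Subset of SDDL tokens; SDDL is Microsoft's string form of a security descriptor.
ACE_TYPES = {"A": "allow", "D": "deny", "OA": "allow (object)", "OD": "deny (object)"}
RIGHTS = {"GA": "generic all", "GR": "generic read", "GW": "generic write",
          "WD": "write DACL", "WO": "write owner", "SD": "delete",
          "RC": "read control", "RP": "read property", "WP": "write property",
          "CC": "create child", "DC": "delete child", "LC": "list children"}
TRUSTEES = {"WD": "Everyone", "AU": "Authenticated Users", "DA": "Domain Admins",
            "SY": "Local System", "BA": "Builtin Administrators"}
# Assumptions of this example, not an official classification:
RISKY_RIGHTS = {"GA", "GW", "WD", "WO", "WP"}   # rights that let a trustee change the object
BROAD_TRUSTEES = {"WD", "AU"}                   # trustees that cover almost every account

def parse_dacl(sddl):
    """Return the ACEs of the DACL in an SDDL string, in stored order."""
    m = re.search(r"D:[A-Z]*((?:\([^()]*\))+)", sddl)
    if not m:
        return []
    aces = []
    for body in re.findall(r"\(([^()]*)\)", m.group(1)):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError("unsupported ACE: " + body)
        ace_type, _flags, rights, _obj, _inherit_obj, trustee = fields
        # Rights are two-letter tokens run together, or a single hex mask.
        tokens = [rights] if rights.startswith("0x") else re.findall("..", rights)
        aces.append({"type": ACE_TYPES.get(ace_type, ace_type),
                     "rights": tokens, "trustee": trustee})
    return aces

def describe(ace):
    """Render one parsed ACE as 'type trustee: rights' using the tables above."""
    rights = ", ".join(RIGHTS.get(r, r) for r in ace["rights"])
    return f'{ace["type"]} {TRUSTEES.get(ace["trustee"], ace["trustee"])}: {rights}'

def risky_aces(sddl):
    """Allow ACEs that hand a broad trustee a right that can modify the object."""
    return [a for a in parse_dacl(sddl)
            if a["type"].startswith("allow")
            and a["trustee"] in BROAD_TRUSTEES
            and RISKY_RIGHTS & set(a["rights"])]

# Constructed sample: owner and group Domain Admins, four ACEs in the DACL.
SAMPLE = "O:DAG:DAD:(A;;GA;;;DA)(A;;RPLCRC;;;AU)(A;CI;WPWD;;;WD)(D;;SD;;;AU)"

if __name__ == "__main__":
    for ace in parse_dacl(SAMPLE):
        print(describe(ace))
    print("review:", [describe(a) for a in risky_aces(SAMPLE)])
```

Note that `WD` means "write DACL" in the rights field and "Everyone" in the trustee field, so the field position decides how a token is read. Conditional ACEs, which have more fields and nested parentheses, are not handled.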

 

Referenced from: Microsoft

 

9/8/2023 4:28:38 PM