Active Directory (AD) is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services that manage user data, security, and access to network resources.
AD is designed to store data and settings in a centralized location so that users and applications can easily access them. It can also be used to create and enforce security policies for a network.
Several different services make up Active Directory, including:
Domain Name System (DNS): The Domain Name System (DNS) is a decentralized naming system used by computers, services, or other resources connected to the Internet or a private network. It translates human-readable domain names to numerical IP addresses.
Lightweight Directory Access Protocol (LDAP): LDAP is an open, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.
Active Directory Federation Services (AD FS): Active Directory Federation Services (AD FS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide single sign-on access to systems and applications across organizational boundaries. It uses a claims-based access control model to maintain application security and facilitate interoperability.
Kerberos: Kerberos is a computer network authentication protocol that works based on “tickets” to allow nodes to securely communicate over a non-secure network to prove their identity to one another. Additionally, it provides mutual authentication—the user and the server verify each other’s identity.
Group Policy: Group Policy is a feature of AD that allows administrators to centrally manage the configuration of computers and users in a domain. Group Policy settings are stored in AD and applied to a domain’s objects (such as users, computers, and groups).
Certificate Services: Active Directory Certificate Services (AD CS) is a server role in Active Directory Domain Services that allows an enterprise to issue and manage public key infrastructure (PKI) certificates. These certificates can be used for various purposes, such as authenticating users and devices, encrypting network traffic, and digitally signing emails and documents.
Internet Authentication Service (IAS): The Internet Authentication Service (IAS) is a remote access and virtual private network (VPN) authentication server in Windows Server 2003 that provides centralized authentication, authorization, and accounting for dial-up, remote access VPN, and wireless connections. IAS also provides RADIUS services for other Microsoft and third-party VPN solutions.
In conclusion, Active Directory is a powerful tool that can be used to manage users, computers, and other resources on a network. In addition, it offers various services that can be used to authenticate and authorize users, encrypt data, and much more.