Professional Documents
Culture Documents
ACTIVE DIRECTORY New
ACTIVE DIRECTORY New
DEPARTMENT OF EDUCATION
Bislig City Division
TABON M. ESTRELLA NATIONAL HIGH SCHOOL
Tabon, Bislig City
INFORMATION SHEET:
ACTIVE DIRECTORY
Arranges all the Network’s Users, Computer and Objects into Logical, Hierarchical groupings
Active Directory information is used to authenticate/authorize the Users, Computers,
Resources which are part of a network.
Security Principal Object – objects that can be authenticated and assigned permissions
Each object has a
FOREST
A complete Active Directory Instance
Information and data exchange can only happen between objects inside a forest.
To communicate with objects in other forests, explicitly created forest level trusts are required.
Can contain one or more domains or a combination of domains or domain trees.
The Schema or Design of an AD is consistent throughout the forest.
DOMAIN
Logical groupings of objects
Administrative boundary for objects
No limit on the number of objects that can be contained
in a domain
Objects need not be in a same physical location
Domain controller is the domain’s supreme authority
Domain controller is responsible for all the authentications, authorizations, additions, deletion,
edits, modifications inside a domain.
If a user has access to a domain, he can logon from anywhere and any computer in that
domain.
The permission, policies and rights can be set for all the objects at the domain level or at the
individual object level as well.
DOMAIN TREE
Domain – Summary
In short, a Domain has 4 components:
o A hierarchical structure of containers,
Objects
o A unique Domain Name
o A security mechanism to Authenticate
and Authorize access to Domain’s
resources
o Policies that show how functionality is
allowed or restricted for users, computers
in a Domain.
Group
scopes
o Domain local – To give access to resources in the same domain as the
group, users can be from different domains.