Active Directory is the central repository of information on a Windows 2003-based network. It stores information about all resources that are used on the network, such as user and group accounts, shared folders, computers, and printers.
Active Directory can be used to locate these resources quickly so that administrators can create, configure, delete and maintain them as needed.
Logical structure of Active Directory
- Forest
- A forest is a collection of domain trees linked together at their roots by transitive trusts.
- Tree
- Also called a domain tree: a hierarchical grouping of domains beginning with a root domain and branching out to child domains. A tree must have a contiguous DNS namespace.
- Domain
- The primary administrative boundary for WS2003 networks. Domains are named using DNS, and a tree consists of one or more domains hierarchically joined by transitive trusts.
- Organizational Unit (OU)
- Logical containers you can use to group objects in a domain for security and administration purposes. For example, you can reflect your company’s geographical, organizational or administrative structure.
- Object
- A user, group, computer, printer, shared folder or anything else that can be contained within a domain or OU.
- Trust
- Secure communications between domains, domain trees, or forests.
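
The contiguous-namespace rule for trees, shown as an added example that is not part of the original page: this Python sketch groups the domains of a forest into trees by DNS name. The domain names are constructed sample data, and treating a domain as a child only when its immediate DNS parent is also in the list is an assumption of the example.

```python
from collections import defaultdict


def tree_root(domain, domains):
    """Walk up the DNS namespace one label at a time until the parent
    is no longer a domain in the forest; that domain is the tree root."""
    current = domain
    while True:
        parent = current.partition(".")[2]  # "emea.corp.example" -> "corp.example"
        if parent not in domains:
            return current
        current = parent


def group_into_trees(domain_names):
    """Map each tree root to the sorted list of domains in its
    contiguous DNS namespace (the root itself included)."""
    # DNS names are case-insensitive; drop any trailing root dot.
    domains = {name.lower().rstrip(".") for name in domain_names}
    trees = defaultdict(list)
    for domain in sorted(domains):
        trees[tree_root(domain, domains)].append(domain)
    return dict(trees)


# Constructed sample forest: two trees with disjoint namespaces.
SAMPLE_FOREST = [
    "corp.example",
    "emea.corp.example",
    "sales.emea.corp.example",
    "apac.corp.example",
    "lab.test",
    "dev.lab.test",
]

if __name__ == "__main__":
    for root, members in group_into_trees(SAMPLE_FOREST).items():
        print(f"tree rooted at {root}:")
        for member in members:
            # Indent by how many labels deeper the domain sits than its root.
            depth = member.count(".") - root.count(".")
            print("  " * (depth + 1) + member)
```

Each key in the result is a tree root. Reviewing which roots exist, and which domains hang under each, is a quick way to see every domain that the forest's transitive trusts reach.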