Directory service, created by Microsoft for Windows domain networks
This article is about Microsoft's on-premises directory service. For their cloud-based system formerly known as Azure Active Directory, see Microsoft Entra ID.
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of processes and services.[1][2] Originally, only centralized domain management used Active Directory. However, it ultimately became an umbrella title for various directory-based identity-related services.[3]
A domain controller is a server running the Active Directory Domain Service (AD DS) role. It authenticates and authorizes all users and computers in a Windows domain-type network, assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer which is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or a non-admin user.[4] Furthermore, it allows the management and storage of information, provides authentication and authorization mechanisms, and establishes a framework to deploy other related services: Certificate Services, Active Directory Federation Services, Lightweight Directory Services, and Rights Management Services.[5]
Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft's version of Kerberos,[6] and DNS.[7]
Robert R. King defined it in the following way:[8]
"A domain represents a database. That database holds records about network services-things like computers, users, groups and other things that use, support, or exist on a network. The domain database is, in effect, Active Directory."
^Cite error: The named reference DSA-MSDN was invoked but never defined (see the help page).
^Cite error: The named reference WI4 was invoked but never defined (see the help page).
^Hynes, Byron (November 2006). "The Future of Windows: Directory Services in Windows Server "Longhorn"". TechNet Magazine. Microsoft. Archived from the original on 30 April 2020. Retrieved 30 April 2020.
^"Active Directory on a Windows Server 2003 Network". Active Directory Collection. Microsoft. 13 March 2003. Archived from the original on 30 April 2020. Retrieved 25 December 2010.
^Rackspace Support (27 April 2016). "Install Active Directory Domain Services on Windows Server 2008 R2 Enterprise 64-bit". Rackspace. Rackspace US, Inc. Archived from the original on 30 April 2020. Retrieved 22 September 2016.
^"Microsoft Kerberos - Win32 apps". docs.microsoft.com. 7 January 2021.
^"Domain Name System (DNS)". docs.microsoft.com. 10 January 2022.
^King, Robert (2003). Mastering Active directory for Windows server 2003 (3rd ed.). Alameda, Calif.: Sybex. p. 159. ISBN 978-0-7821-5201-2. OCLC 62876800.
ActiveDirectory (AD) is a directory service developed by Microsoft for Windows domain networks. Windows Server operating systems include it as a set of...
ActiveDirectory Federation Services (AD FS), a software component developed by Microsoft, can run on Windows Server operating systems to provide users...
as Microsoft Azure ActiveDirectory or Azure AD) is a cloud-based identity and access management (IAM) solution. It is a directory and identity management...
the basis for Microsoft's ActiveDirectory. A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default...
ActiveDirectory Rights Management Services (AD RMS, known as Rights Management Services or RMS before Windows Server 2008) is a server software for information...
functionalities. Windows NT Directory Services (NTDS), later renamed ActiveDirectory, replaced the former NT Domain system. Critical Path Directory Server OpenLDAP:...
Microsoft Mail 3.5. Exchange initially used the X.400 directory service but switched to ActiveDirectory later. Until version 5.0, it came bundled with an...
features, most notably the introduction of ActiveDirectory, which in the years following became a widely used directory service in business environments. Four...
2012 has a number of changes to ActiveDirectory from the version shipped with Windows Server 2008 R2. The ActiveDirectory Domain Services installation...
to resources within the domain. Starting with Windows Server 2000, ActiveDirectory is the Windows component in charge of maintaining that central database...
January 2015, Smartsheet added support for Azure ActiveDirectory, Microsoft's cloud-based directory service that allowed users to log into products like...
ActiveDirectory naming context (NC) or directory partition, is a logical portion of the Microsoft's ActiveDirectory (AD). ActiveDirectory can support...
role-based access controls (RBAC) using nested groups in a native-mode ActiveDirectory (AD) domain: User and computer accounts are members of global groups...
OS X Server 10.4 includes Open Directory 3, which introduced ActiveDirectory domain member support, trusted directory binding, and increased robustness...
various means for clients to access the ActiveDirectory data store. Clients connect to an ActiveDirectory DSA using various communications protocols:...
without ActiveDirectory on standalone computers. ActiveDirectory servers disseminate group policies by listing them in their LDAP directory under objects...
a CSV file, or set up for single sign-on with a local ActiveDirectory using ActiveDirectory Federation Services. More advanced setup and features requires...
The directory used by Exchange Server eventually became Microsoft's ActiveDirectory service, an LDAP-compliant directory service. ActiveDirectory was...
Directory Services Restore Mode (DSRM) is a function on ActiveDirectory Domain Controllers to take the server offline for emergency maintenance, particularly...
The Directory (also called Directorate, French: le Directoire) was the governing five-member committee in the French First Republic from 26 October 1795...
Univ of Michigan ActiveDirectory Explorer - a freeware LDAP client tool from Microsoft LDAP Admin - a free, open source LDAP directory browser and editor...
versions no longer maintain the LM hash by default. Kerberos is used in ActiveDirectory Environments. The major weaknesses of LAN Manager authentication protocol...