What is Active Directory?

• Active Directory (AD) is a Microsoft technology used to manage computers,

users and other devices on a network.
• It is a primary feature of Windows Server.
• Active Directory was initially released with Windows server 2000 and
revised with additional feature in Windows Server 2008.
What is Active Directory?
• All the information in Active Directory is stored in the form of objects.
The Active Directory structure includes three main tiers :
1. Forests
2. Domains
3. Trees
Benefits of Active Directory
• It supports Multi-master Authentication & Multi-master replication.
• Hierarchical organizational structure.
• A single point of access to network resources.
• Ability to create trust relationship with external network running previous
versions of Active Directory and even Unix.
What is Active Directory Domain Services?
• It is a hierarchical arrangement of objects which are structured in a way that
makes access of the resources easy.
What is Forest?
• A forest is a complete instance of Active Directory.
• Each forest acts as a top-level container.
• A forest can contain one or more domain container objects.
What is Tree?
• Domain trees are collections of domains that are grouped together in
hierarchical structures.
• When you add a domain to a tree, it becomes a child of the tree root
domain.
• The domain to which a child domain is attached is called the parent domain.
What is Domain?
• A group of computers and devices on a network that are administered as a
unit with common rules and procedures.

• A domain is used to manage all user function, including

username/password and shared system resources authentication and
access.
What is Domain Controller?
• A domain controller is the centrepiece of the windows Active Directory
services.
• It authenticates users, stores user account information and enforces
security policy for a windows domain.
• A domain controller is server on a Microsoft Windows network that is
responsible for allowing host access to windows domain resources.
Type of Domain Controllers.
• Primary Domain Controller (PDC)
• Additional Domain Controller (ADC)
• Child Domain Controller (CDC)
• Read Only Domain Controller (RODC)
What is Primary Domain Controller?
• PDC maintains a read-write directory of user account and security
information.

• The PDC authenticates usernames and passwords when members log into
the network.
What is Additional Domain Controller?
• ADC acts as a Backup to PDC.

• It gets active when PDC goes down.

• It gives back responsibilities back to PDC when it comes up again.

What is Read Only Domain Controller?
• RODC acts just like ADC but only with Read Only permissions.

• It only responds to security authentication requests.

What is Directory Services Restore Mode?
• Directory Services Restore Mode (DSRM) is a safe mode boot option for
windows server domain controllers.

• DSRM allows an administrator to repair or recover an Active Directory

database.
How to Reset for DSRM?
• We can reset password for DSRM by ntdsutil.exe command.
What is Child Domain Controller?
• Child domain is another name for subdomain.

• It shares the load of PDC.