Active Directory Overview

41a
Windows-Pentesting

Active Directory

In this article, we are going to learn about active Directory. Various aspects of Active Directory.

Our Main Goals of this article are

  1. What is Active Directory
  2. Why we need Active Directory
  3. Active Directory Services
  4. Various terms used in Active Directory
  5. How Active Directory Works
  6. Active Directory Database
   

What is Active Directory

Active Directory also is known as AD is a technology created by Microsoft and introduced in 1999 and released it with Microsoft Windows 2000 Server edition, and revised it and extended its functionality and improved administrative services Windows Server 2003. And till now more functionalities are added with the new releases of Windows Servers updated versions.

Active Directory uses Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft’s version of Kerberos, and DNS. Active Directory Services consist of multiple directory services. The best known is Active Directory Domain Services, commonly abbreviated as AD DS or simply AD.

Why we need Active Directory

If your office used Active Directory, all of the machines would be connected on a domain, which means all of the information is stored in a central location, not locally on the individual computers’ hard drives. The domain is controlled by a global catalogue, which keeps track of all of the devices that are registered to the network. The global catalogue stores the IP addresses, computer names, and users, so that the global administrator can oversee everything that happens on the domain. In order to access someone else’s computer, a user would just need that computer’s name, because everything is already linked on the back end.

When you’re using Active Directory, everything is already permission from the domain controller. This means that the network administrator has already told the domain controller what permissions to assign to each user. This makes all digital communication more efficient, because everything is easily accessible, and information is readily available.

Active Directory Services

  1. Domain Services
  2. Lightweight Directory Services
  3. Certificate Services
  4. Federation Services
  5. Rights Management Services

Various terms used in Active Directory

  1. Objects
  2. Forests
  3. Trees
  4. Domains
  5. Organizational Units

Objects

Active Directory structures are arrangements of information about objects. The objects fall into two broad categories:

Resources – Printers, Projectors, Scanners etc. 

Security principals – User or computer accounts and groups. Security principals are assigned unique security identifiers (SIDs).

Each object represents a single entity—whether a user, a computer, a printer, or a group—and its attributes. Certain objects can contain other objects. An object is uniquely identified by its name and has a set of attributes—the characteristics and information that the object represents— defined by a schema, which also determines the kinds of objects that can be stored in Active Directory.

The schema object lets administrators extend or modify the schema when necessary. However, because each schema object is integral to the definition of Active Directory objects, deactivating or changing these objects can fundamentally change or disrupt a deployment. Schema changes automatically propagate throughout the system. Once created, an object can only be deactivated—not deleted. Changing the schema usually requires planning.

Under Development will update asap

For Reference : –

https://blogs.technet.microsoft.com/ashwinexchange/2012/12/18/understanding-active-directory-for-beginners-part-1/

https://blogs.technet.microsoft.com/ashwinexchange/2012/12/26/understanding-active-directory-for-beginners-part-2/

Leave a Reply

Your email address will not be published. Required fields are marked *