Active Directory is the information hub of the Windows Server 2003 operating system. The following figure shows Active Directory as the focal point of the Windows Server 2003 network used to manage identities and broker relationships between distributed resources so they can work together.
[Figure: Active Directory on a Windows Server 2003 Network]
Active Directory provides:
• A central location for network administration and delegation of administrative authority. You have access to objects representing all network users, devices, and resources and the ability to group objects for ease of management and application of security and Group Policy.
• Information security and single sign-on for user access to network resources. Tight integration with security eliminates costly tracking of accounts for authentication and authorization between systems. A single user name and password combination can identify each network user, and this identity follows the user throughout the network.
• Scalability. Active Directory includes one or more domains, each with one or more domain controllers, enabling you to scale the directory to meet any network requirements.
• Flexible and global searching. Users and administrators can use desktop tools to search Active Directory. By default, searches are directed to the global catalog, which provides forest-wide search capabilities.
• Storage for application data. Active Directory provides a central location to store data that is shared between applications and with applications that need to distribute their data across entire Windows networks.
• Systematic synchronization of directory updates. Updates are distributed throughout the network through secure and cost-efficient replication between domain controllers.
• Remote administration. You can connect to any domain controller remotely from any Windows-based computer that has administrative tools installed.
• Single, modifiable, and extensible schema. The schema is a set of objects and rules that provide the structure requirements for Active Directory objects. You can modify the schema to implement new types of objects or object properties.
• Integration of object names with Domain Name System (DNS), the Internet-standard computer location system. Active Directory uses DNS to implement an IP-based naming system so that Active Directory services and domain controllers are locatable over standard IP both on intranets and the Internet.
• Lightweight Directory Access Protocol (LDAP) support. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2.