Cloud

Active Directory

Active Directory is the user information directory in Windows. It consists of a database of user accounts (and various other information, such as DNS server and its configuration). The accounts are offered to computers in a domain via Lightweight Directory Access Protocol (LDAP). Active Directory also includes a Kerberos KDC, which creates Kerberos tickets for hosts in a domain for authenticating computers, users, and other entities. Furthermore, active directory contains synchronization mechanism that allow multiple servers to contain essentially the same information.

Users belong to an Active Directory Domain. The domain is often written before the user account name, separated by a slash. For example, in SSH\ylo, SSH is the domain name.

In a large organization, there are multiple domains. Domains are usually organized in a tree, and one domain may be configured to trust user accounts from another domain. Some organizations have dozens, or even a hundred domains.

The very largest organizations may contain multiple Active Directory trees, or forests.