Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

Active Directory

Active Directory is the user information directory in Windows. It consists of a database of user accounts (and various other information, such as DNS server and its configuration). The accounts are offered to computers in a domain via Lightweight Directory Access Protocol (LDAP). Active Directory also includes a Kerberos KDC, which creates Kerberos tickets for hosts in a domain for authenticating computers, users, and other entities. Furthermore, active directory contains synchronization mechanism that allow multiple servers to contain essentially the same information.

Users belong to an Active Directory Domain. The domain is often written before the user account name, separated by a slash. For example, in SSH\ylo, SSH is the domain name.

In a large organization, there are multiple domains. Domains are usually organized in a tree, and one domain may be configured to trust user accounts from another domain. Some organizations have dozens, or even a hundred domains.

The very largest organizations may contain multiple Active Directory trees, or forests.