An Active Directory is a service from Microsoft that stores information on a network so that it is accessible to specific users and network administrators. Active Directory allows a complete view of the stored network objects from a single point.
An Active Directory performs various tasks such as providing information on objects and services to the end users on the network.
There are basically two options available to users while choosing a directory service provider - LDAP (Lightweight Directory Access Protocol) and Microsoft Active Directory.
LDAP and AD, both are basically based on the LDAP protocol and hosted on-premises in most of the cases. Also, both the directories connect users to cloud computing infrastructure such as IaaS or web-based applications.
However, the directories have very few similarities as compared to the differences that they possess.
OU stands for Organizational Unit. An OU is a subdivision of Active Directory which can hold users, groups, computers and other organizational units. Organizational units are created to reflect on organizations’ functional or business structures. A single OU can have multiple OUs within it, although the attributes will always be distinct. Active Directory OUs cannot contain anything other than domains.
A Forest is the largest container within Active Directory that holds all Active Directory domains together. The Forest is the ultimate defined security boundary for an Active Directory Domain Services (AD DS) environment.
A Domain Controller is a windows server that contains the Active Directory database and monitors network security acting as a gatekeeper for user authentication and authorization.
The roles in Active Directory are called Flexible Single Master Operation (FSMO) roles. These roles basically define the responsibilities of Domain Controllers. Currently there are 5 FSMO roles in Windows, namely:
-
Schema Master
-
Domain Naming Master
-
Relative ID (RID) Master
-
Primary Domain Controller (PDC) Emulator
-
Infrastructure Master