Active Directory is Microsoft‘s directory service for the Windows architecture. It is a centralized and standardized system that automates network management of user data, security and distributed resources and enables interoperation with other directories.
The Active Directory can be used to control access to resources on the network. This includes computers, printers, devices, folders, files and other items on the network. Active Directory also provides tools to help desktop computers stay protected from unknown users and to remain up-to-date on security patches.
Active Directory marked a shift in the way that Microsoft manages directory services, moving from the flat and fairly restrictive namespaces used by NT4 domains toward an actual hierarchical directory structure. There‘s a sample chapter from the Windows 2000 technical reference that provides a good introduction into the major differences between the NT4 and Active Directory directory services.