What is an Active Directory?
This question always arises when I am visiting clients or taking calls, so I thought that I would share this on a wider basis. So what does this mean for your business?
To put it bluntly, without an Active Directory, a network would be insecure, disjointed, unscalable, unsupported by many software vendors and very difficult to maintain.
So let me explain more about Active Directory? It’s a database that knits all of the usernames, passwords, computers, servers, printers and applications together into one place to be centrally managed. The computer upon which this database is located is called a Domain Controller. A single Active Directory domain can accommodate anything from a single user up to hundreds of millions of users. Even when that isn’t enough for you, you can expand your Active Directory from a single domain into multiple “trees” and “forests”.
The point is that Active Directory is very scalable technology and an efficient way to manage your servers.
As necessary and as brilliant as Active Directory is, the principles and concepts involved can be very complex and usually requires a trained, qualified Engineer so don’t get too hung up on the terminology.
So let’s imagine a scenario whereby one organisation acquires another. This gives us 2 Active Directories. Then what? Microsoft has made it a simple process to link these 2 networks together using ‘trusts’. Don’t worry about what this means as your technical experts will sort this out for you.
The key benefits of an Active Directory
- Standardises your computers’ appearance to your corporate guidelines and branding, as well as rolling out and enforcing security policies, applications and printers to different users without the need to set them up locally.
- Provides secure key sensitive data on your network.
- Efficient way to manage your users. Too many to look after? Consider delegating some tasks to a colleague. For example, you could delegate the permission to reset passwords to one of your colleagues for only (let’s say) the Leeds users or the Admin users.
- Control of the password policy for your network. Enforce how strong or weak passwords can be reset across your network and how often they need to be changed.
- Manage your deleted users. The Active Directory has a recycle bin (from Server 2008 R2 onwards).
- Synchronise sets of usernames and passwords with Office 365. All users can have one username and one password to access all of their information (aka SSO – Single Sign On).
- You don’t have to have just one Domain Controller that stores this Active Directory database. Have 1, 2, 3, 4, 5 or 1 at each office. Then if one of the Domain Controllers is not available (whether this is planned or not), your users will still be able to authenticate and obtain access to their data.
- Controlled Backups: You can take control of your users’ My Documents and My Pictures Folders (that in our experience are rarely backed up) and redirect them to a central network location where they can be backed up daily.
- It provides you with a platform to use many useful Microsoft technologies such as ‘Remote Desktop Services’ (another blog to follow), WSU (Windows Software Update Services), VPN (Virtual Private Network) and many more.
- The ability to roll out applications in mass without requiring to access each workstation individually.
And the list goes on.
If you are interested in the ‘nitty gritty’ then check out Microsoft’s Technet’s blog on Managing your Active Directory and their visual diagram pro
This is one of my favourite topics, so if you would like me to elaborate on any of this then please get in touch with me via LinkedIn.
Image/Source copyright:http://www.123rf.com/profile_aelita2