Microsoft Active Directory
From ProWiki - Demo and Test Wiki
| Microsoft Active Directory | |
|---|---|
| Developer | Microsoft |
| Type | Directory service |
| Initial release | 1999 |
| Operating system | Windows Server |
| Written in | C++, C# |
| License | Proprietary |
| Website | microsoft.com |
| Contents | |
Microsoft Active Directory (AD) is the directory service at the core of most enterprise Windows environments, managing users, computers, and policies.
Key Features
- Centralized user and group management
- Group Policy for enforcing configuration across all domain-joined machines
- Single sign-on for domain resources
- Organizational Units (OUs) for structured administration
- Trust relationships between domains and forests
- Integration with LDAP-based applications
Enterprise Use
Active Directory is the backbone of identity management in the majority of enterprise environments. Every user, computer, and service account is managed in AD. IT administrators use it to enforce security policies, manage software deployment, and control access to resources. Cloud identity (Azure AD / Entra ID) extends AD to cloud services.
Tips
- Follow the principle of least privilege — do not add users to Domain Admins unnecessarily.
- Use fine-grained password policies for privileged accounts.
- Audit changes to sensitive groups (Domain Admins, Enterprise Admins) with alerts.
- Keep AD functional level current to enable the latest security features.
