Active directory isn’t what it used to be. People still use the term Active Directory to define the Active Directory Domain Services (ADDS) of old time. ADDS was a centralized management system of users and computer across your IT organization, using the tools provided when the technology was introduced. With the updates of Microsoft Windows and Windows Server, ADDS has been superseded by Active Directory, which is a portfolio of services used to manage identity and access for/to resources on a network. In fact, new systems have come up that can even link your Linux, Unix or Mac platforms with your Windows Server’s Active Directory.
Active Directory today has five main roles:
Active Directory ties all of these services together, in some cases directly, while in other cases in a complementary fashion.
1. Domain Services
It perhaps has the most prolific role in the Active Directory. A domain service is both the directory information source and the service that makes the information available and usable. It can be information about servers, users, clients, network devices, applications, and email servers. This information is both about and provided to each of these categories.
The domain services provide manageability, security, and interoperability in a centralized and much more efficient method than otherwise.
The Domain Services will let you manage several objects and allow you to control them together, using a single console. You can even delegate the administration to other administrators in your organization.
2. Certificate Services
It is Microsoft’s implementation of Public Key Infrastructure (PKI). The Certificate Services include End Entities, Certificate Repository and Revocation, Certificate Signing Request, Certificate Retrieval, and Certificate Revocation List. The Certificate Services provide customizable services for issuing and managing digital certificates. At the end of the day, this is all that the Certificate Services does. It does it with a range of tools such as certification authorities, web enrollment, online responders, network device enrollment service, certificate enrollment web service and certificate enrollment policy web service. In short, these are all the pieces used to manage all the certificates which are issued by the management system.
3. Federation Services
These services are part of the Active Directory entity which allows you to access cross-organizational information, including from different inter-systems and inter-applications. This lets you as the administrator to share your resources out to the world or let your users access resources on someone else’s organization. The federation services let you make the server role access seamlessly. You log in once and that is all you have to do. You can access an application on the web and this application will use your saved credentials to authenticate and authorize you in the application of another organization.
4. Rights Management Services
This technology works with applications to safeguard your digital information. What this allows for, for instance, if you are an author that creates content on Word document, you can protect the content using the Rights Management Services. You can control what can be done after you have secured the document. You can prevent another user to print it, copy it or forward it. This protection is embedded in the document and follows it everywhere. You can send the document of file to another user; the recipient of this document, having access to your infrastructure, can verify and use the document but with your terms of access applied.
You can protect your documents, workbooks, presentations, email and a lot more, with no limit of location on the infrastructure.
5. Lightweight Directory Services
This is essentially Domain Services in an empty shell template form. It is both directory information source and the service that makes information available and usable. It has similar options to Domain Services. You can use it to store, replicate and access information such as names, locations, app information, etc.
All in all, these are the services provided by Active Directory in Windows Server. Thank you for sticking around. We are going to discuss more these services in greater depth in future articles.