ACTIVE DIRECTORY FAQ

I.

What is Active Directory?

An active directory is a directory structure used on Microsoft Windows based computers and servers to store information and data about networks and domains. It is primarily used for online information and was originally created in 1996. It was first used with Windows 2000. An active directory (sometimes referred to as an AD) does a variety of functions including the ability to provide information on objects, helps organize these objects for easy retrieval and access, allows access by end users and administrators and allows the administrator to set security up for the directory. A directory service is the software system that stores, organizes and provides access to information in a directory. In software engineering, a directory is a map between names and values. It allows the lookup of values given a name, similar to a dictionary. As a word in a dictionary may have multiple definitions, in a directory, a name may be associated with multiple, different pieces of information. Likewise, as a word may have different parts of speech and different definitions, a name in a directory may have many different types of data.

II. What advantages does active directory offer for managing user accounts?
It will provide fully integrated security in the form of user logon's and

authentication. It makes easy in administration in the form of group policies and permissions. It makes easy to identify the resources. It will provide scalability, flexibility and extentiability. It is tightly integrated with DNS services for all its operations, which will provide better in identifications and migrations. It services will provide Automatic replication of information between the domain controllers. It supports integration of the other directory services also. It supports multiple authentication protocols.

What are the Benefits of active directory services?

a. Security: having only one domain means better security through a single security policy

and a single set of administrators. If you have multiple domains and forests, each has its own administrator. One weak but trusted domain exposes all the other forests and domains. With only a single domain, it's also far easier to enforce an organization-wide security policy.

b. Single platform - a single directory service or Global Catalog (GC) means a single

platform for all other directory-ware services, including monitoring and messaging.

c. Faster deployment-starts in an organization with just a single domain and shared

account database solutions need only be deployed once, which means company-wide deployments are much faster than if the organization has multiple and separate domains.
d. Single management infrastructure-Having a single management infrastructure means

there is just one infrastructure for all other directory services tasks, such as software deployment, inventory, and object managment sharing and delegation (such as for user accounts).
e. Single Group Policy container (GPC)-With a single GPC, management polices need to

be defined only once, and can be used throughout the entire enterprise without the need to manually export and import Group Policy Objects (GPOs).
f. Backup and recovery-Having only a single domain means better resiliency because

every location has a full domain backup.

g. Less hardware-In an organization with multiple domains, every location needs two

domain controllers (DCs). With a single domain, each location needs only a single DC because if the local DC fails, the locations can use hub DCs. Reduced hardware also means fewer licenses, less management software, and less overhead for server management. There's also no need to back up remote DCs because the remote DCs just hold the same information as the central DCs-assuming the DCs only perform directory services.

III. HOW TO Connect to Active Directory a. For Windows XP

Switch on your PC, the below screen will appear:

Press on Ctrl-Alt-Delete, the next screen will appear:

Put your LDAP username and Password, the Log on to is ADS and click on OK. Your session will start. Remember to logout when you finish using your session. The username is precede with ADS\ means Active Directory server Example of username: ADS ADS\rbutare for staff or ADS\ug10101010 for student B. For Windows 7 Switch on your PC, click on other user and the below screen will appear:

Press on Ctrl-Alt-Delete, the next screen will appear:

Put your LDAP username and Password. Your session will start. Remember to logout when you finish using your session. . The username is preceded with ADS\ means Active Directory server Example of username: ADS\rbutare for staff or ADS\ug10101010 for student