Active Directory Basics
Introduction to Active Directory concepts
Active Directory (AD) is Microsoft's directory service for Windows domain networks.
What is Active Directory?
AD provides:
- Centralized authentication - Single sign-on for users
- Authorization - Access control to resources
- Directory services - Organized database of network objects
Key Components
Domain
A logical group of network objects (computers, users, devices) that share the same AD database.
Domain Controller (DC)
A server that runs AD Domain Services. It:
- Handles authentication requests
- Stores the AD database
- Replicates changes to other DCs
Organizational Units (OUs)
Containers for organizing objects within a domain. Used for:
- Applying Group Policies
- Delegating administrative control
Forest & Trees
Forest (contoso.com)
├── Tree 1: contoso.com
│   ├── us.contoso.com
│   └── eu.contoso.com
└── Tree 2: subsidiary.local
Common AD Objects
| Object | Description |
|---|---|
| User | Individual account |
| Computer | Machine joined to domain |
| Group | Collection of users/computers |
| GPO | Group Policy Object |
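The forest layout in the Forest & Trees diagram, rebuilt from a flat list of domain names as an added example (not part of the original page). It assumes a tree is a set of domains in one contiguous DNS namespace, that the forest root domain is listed first, and that a domain's parent is its nearest ancestor in the list; the function names are illustrative.

```python
from collections import defaultdict
# Domain names taken from the diagram on this page; forest root listed first (assumption).
SAMPLE_DOMAINS = ["contoso.com", "us.contoso.com", "eu.contoso.com", "subsidiary.local"]

def normalize(name):
    """DNS names are case-insensitive; drop surrounding space and a trailing dot."""
    return name.strip().rstrip(".").lower()

def parent_of(domain, domains):
    """Nearest ancestor of `domain` in `domains`, or None if it starts a new tree."""
    labels = domain.split(".")
    for i in range(1, len(labels)):  # whole labels only: notcontoso.com is not under contoso.com
        candidate = ".".join(labels[i:])
        if candidate in domains:
            return candidate
    return None

def build_forest(names):
    """Return (tree_roots, children) where children maps a domain to its child domains."""
    domains = list(dict.fromkeys(normalize(n) for n in names))  # de-duplicate, keep order
    if not domains:
        raise ValueError("a forest needs at least one domain")
    known, roots, children = set(domains), [], defaultdict(list)
    for d in domains:
        parent = parent_of(d, known)
        if parent is None:
            roots.append(d)
        else:
            children[parent].append(d)
    return roots, dict(children)

def render(names):
    """Draw the forest in the same layout as the diagram on this page."""
    roots, children = build_forest(names)
    lines = [f"Forest ({roots[0]})"]
    def walk(node, prefix):
        kids = children.get(node, [])
        for i, kid in enumerate(kids):
            last = i == len(kids) - 1
            lines.append(f"{prefix}{'└── ' if last else '├── '}{kid}")
            walk(kid, prefix + ("    " if last else "│   "))
    for n, root in enumerate(roots, 1):
        last = n == len(roots)
        lines.append(f"{'└── ' if last else '├── '}Tree {n}: {root}")
        walk(root, "    " if last else "│   ")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(SAMPLE_DOMAINS))
```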
Key Ports
| Port | Protocol | Service |
|---|---|---|
| 389 | TCP/UDP | LDAP |
| 636 | TCP | LDAPS |
| 88 | TCP/UDP | Kerberos |
| 445 | TCP | SMB |
| 3268 | TCP | Global Catalog |
More AD deep-dives coming soon! 🖥️