In order to understand the concept of active directory first lets take a look at directory service. Directory Service is a service which stores information of using and managing different objects of network at a centralized point. Those objects include printing servers, file servers, printers; fax servers etc .
The directory service stores all of the information regarding the resources and at the same time provides mechanism of easy access to the resources’ information for the users. Active directory is also a directory service in windows server 2003 which stores information about the netwrok resources and about the services that make this information available to the users.
Now let’s look at the power and key features of active directory in windows server 2003:
·Multiple selections of directory objects: We can change the common attributes of many users at the one time.
·Drag-and-drop functionality: You just need to drag and drop the directory objects from one container to another in order to move them
·Efficient search capabilities: The object oriented searching facility provides efficient search minimizing the traffic on the network.
·Saved queries: The active directory queries can be saved, exported, reopened and refreshed, and the results of the attributed queries can also be exported.
·Active Directory command-line tools: A number of command line tools are available to manage the active directory. Those tools are Ntdsutil, Dsget, Dsrm, Dsmod, Csvde, Dsadd, Dsquery, Dsmove and Ldifde.
· Domain functional levels :Active directory’s domain wide features in your network can be enable using domain functional levels.
·Forest functional levels: The Active directory’s forest wide features in your network can also be now enabled using forest functional levels.
·Secure All Lightweight Directory Access Protocol (LDAP) traffic: All Lightweight Directory Access Protocol (LDAP) traffic is signed and encrypted by Active directory’s administrative tools, by default. It ensures that the data is not corrupted and that it is coming from the known source.
·Active directory quota: With Active directory quota, the ownership of objects by a user, computer or group can be limited by assigning quotas.
·New Group Policy settings: more than 200 group policy setting are included in windows server 2003‘s active directory.
·New Resultant Set Of Policy (RSoP) Wizard is included which enables you to check the policies assigned to a specific user or computer.
·Folder redirection is also made very easy.
·Advanced options for software installation are available, which makes installation process easy and administration effective.
·InetOrgPerson class has been added to enhance the security and it can be used in the same way as the user class is used.
·Cross forest support is also provided.
·The Software Restriction Policies that are included can identify unwanted or hostile soft wares and hence will not let them execute on the computer. But this requires that the system is either being run on Microsoft Windows XP Professional or on a family member of Windows Server 2003.
·Domain controller renaming: The domain controllers, without demoting, can now be renamed with the active directory of windows server 2003.As well as the domain name can now also be renamed with this.
·In the domain hierarchy, the domains can be moved from one location to another.
·The two way transitivity can now be extended by creating forest trust.
·The users’ access of one domain or forest can be allowed, disallowed or given selective access to another domain of forest.
·Unnecessary objects of the schema can be deactivated
·In order to link the auxiliary classes to the objects on dynamic bases, extra support is provided.
·When the partial attribution set is extended , the resulted administrative actions take place; at that time the Tuning global catalog replication is available for preserving global catalog’s state of synchronization
All in all the active directory of Windows server 2003 provides a lot of additional features which to facilitate the management, administration and usage of resources in the network. The security additions are also very remarkable and a lot of flexibility is given to the administrator to check and configure different parameters of the network. Other than this some work has also to improve the responsiveness of the network and to cater with the network traffic.
Flexibility for moving objects and domains, and for renaming them is also made easy .And with the new policies introduced the access of a user from one domain of forest to another can also be a controlled effectively. Providing these all functionalities and flexibilities to the networks administrators and mangers make their tasks of access controls, security, managing of objects etc very easy.
Spealman, Jill, & Hudson, Kurt (2004). Windows Server 2003 Active Directory Infrastructure. Redmond ,Washington: Microsoft Press.
Jones, Don (2003). Windows Server 2003 Weekend Crash course. NewYork: Wiley Publishing Inc..