Active Directory (AD) is a directory service created by Microsoft, based on Novell eDirectory. It uses modified versions of existing protocols and services to provide a variety of network services, including:

  • Lightweight Directory Access Protocol (LDAP), the industry-standard directory access protocol, which enables Active Directory to support compatible management and query applications. Active Directory supports LDAPv3 and LDAPv2.
  • Kerberos-based authentication
  • DNS-based naming and other network information
  • Central location for network administration and security[1]
  • Information security and single sign-on for user access to networked resources[1]
  • The ability to scale up or down easily[1]
  • Standardizing access to application data[1]
  • Synchronization of directory updates across servers[1]

Active Directory stores all information and settings for a deployment in a central database. Using the same database, Active Directory allows administrators to assign policies and to deploy and update software. Active Directory networks can vary from a small installation with a few computers, users and printers to tens of thousands of users, many different network domains and large server farms spanning many geographical locations.

Active Directory was previewed in 1999, released first with Windows 2000 Server edition, and revised to extend functionality and improve administration in Windows Server 2003. Additional improvements were made in Windows Server 2003 R2, Windows Server 2008 and Windows Server 2008 R2, and the service was renamed Active Directory Domain Services.

Active Directory was called NTDS (NT Directory Service) in older Microsoft documents. This name can still be seen in some Active Directory binaries.


