Domain accounts can log on to any computer that has been added to the domain.
Add the domain user group to SQL Server logon. All users in the domain user group can use the domain user to log on to the database and inherit the relevant permissions.
Domain users log on to Team Foundation Server, SharePoint, and so on without entering the user name and password, which can be automatically identified.
The domain user password is stored on the server. You can set the Permission Policy in a centralized manner, which is not easy to crack and is safer than locally.
AD, you can find the Department, position, mobile phone number, extension, and so on.
You can set email addresses for Domain Users and domain user groups, and send emails to all users in the group.
The shocking result is: I want to study the advantages of him! As a result, I found the following article (simple modification and beautification ):
Advantages of Domain Controller
I. Centralized permission management and reduced management costs
The domain environment and all network resources, including users, are maintained on the domain controller for centralized management. All users only need to log on to the domain to perform authentication within the domain. administrators can better manage computer resources and greatly reduce the cost of network management.
Prevent employees from installing software on the client at will, enhance client security, reduce client faults, and reduce maintenance costs.
Through domain management, you can effectively distribute and assign software and patches, and install software in the network together to ensure the uniformity of software in the network.
With ISA, you can determine whether or not you can access the Internet. Otherwise, only IP addresses are allowed.
2. Enhanced security performance and clearer Permissions
It is conducive to the management of some confidential information of enterprises. For example, a disk allows one person to read and write data, but another person cannot read or write data. Which file can only be viewed by one person or some people, but it cannot be deleted, modified, or moved.
You can disable the USB port of the client to prevent leakage of confidential company information.
Security is fully integrated with Active Directory. You can not only define access control on each object in the directory, but also on the attributes of each object. The Active Directory provides the storage and application scope of security policies. Security policies can contain account information, such as password restrictions within a domain or access to resources in a specific domain. Security Policies can be set to issue and execute security policies through group policies.
Iii. Account roaming and Folder Redirection
Work files and data of personal accounts can be stored on servers for unified backup and management. User data is more secure and secure. When the client fails, you only need to use other clients to install the corresponding software and log on with the user account. You will find that your files are still in the "original location" (for example, my documents ), no loss, so that the fault can be repaired more quickly.
The Shadow Copy technology allows you to retrieve previous versions of a file or delete files by mistake (only 32 versions have been saved ). When the server is offline (in fault or other cases), the "offline folder" technology will automatically allow users to continue working using the local Cache version of the file, when logging out of the system or logging on to the system, the system synchronizes the files on the server to ensure that the user's work is not interrupted.
4. convenient use of various shared resources
The administrator can assign logon scripts to map the root directory of the Distributed File System for unified management. After a user logs on, the user can use resources on the network like a local drive letter without entering the password again. The user only needs to remember a pair of user names/passwords.
You can set the access, read, and modify permissions for various resources. Different accounts can have different access permissions. Even if the resource location changes, the user does not need to perform any operations. The Administrator only needs to modify the link and set the relevant permissions. the user does not even realize that the resource location is changed, you must remember which resources are on which server.
5. System Management Server)
By distributing applications and system patches, you can choose to install the software or assign automatic installation by the system administrator. It can also centrally manage system patches (such as Windows Updates) without the need to download the same patches for each client server, thus saving a lot of network bandwidth.
6. flexible query Mechanism
Users and administrators can use the "Start" menu, "Network neighbors", or "Search" commands on "Active Directory users and computers" to quickly search for objects on the network through object properties. For example, you can search for a user by name, last name, email name, office location, or other attributes of the user account. Optimize search information by using global catalogs.
VII. good scalability
The WIN2K Active Directory has high scalability. The administrator can add new object classes in the plan or add new attributes to the existing object classes. The plan includes the definition of each object class that can be stored in the Directory and the attributes of the object class.
8. Easy integration in MS Software
Such as ISA, Exchange, Team Foundation Server, SharePoint, and SQL Server.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
