Active Directory
I. Scenario and value of the application
Centralized account management ( target: Users can use an account to verify identity regardless of which system they log on to )
1.1) account creation: The business system in the environment is complex, the administrator needs to create different account verification for each user
1.2) account Change, disable: Enterprise account management system to account changes in operation, such as password change, complexity, employee turnover account is disabled, administrator operation cumbersome
1.3) for the enterprise's decentralized account management, account maintenance inconvenience, the introduction of Active Directory Domain Services centralized management mode, Active Directory Domain Services (ADDS) only maintain a database (Ntds.dit), efficient management of the life cycle of the account
Two. Components
Components of physics
2.1) Ntds.dit database: Store account and password information
2.2) Kerberos protocol: Authentication protocol
2.3) LDAP protocol: Lightweight Directory services, organizing Active Directory accounts, specifying the specification of accounts stored in the database
Components of Logic
2.4) Forest
2.5) Tree
2.6) Domain
This article from "Cautious" blog, declined reprint!
Learning Summary-active directory Domain Services Management-Introduction to Active Directory