Microsoft implemented the idea of directory services in Windows NT Server 4.0. In NT, the "domain" is the basic unit of directory services. Single logon has concrete applications in the Windows NT Server environment: server products such as Internet Information Server, Exchange Server, and SQL Server can integrate with Windows NT Server account authentication, so users can reach a wide variety of network services, including the Web, e-mail, and databases.
Windows Server has further developed Active Directory on the basis of Windows NT Server 4.0. Active Directory fully embodies the "ICE" of Microsoft products: integration, depth (comprehensive), and ease of use. Active Directory is a fully scalable directory service that meets the needs of commercial ISPs as well as intranets and extranets.
The origin of Active Directory
Active Directory started from a data store. It uses the data store of Exchange Server, known as the Extensible Storage Service (ESS). This store does not require database parameters to be defined in advance, can grow dynamically, and performs very well. Because the data store is indexed, objects can be searched for and located quickly and easily. The unit of partitioning in Active Directory is the domain, and a domain can store millions of objects. Domains also have hierarchical relationships with one another, and the directory can be extended indefinitely by building domain trees and domain forests.
On top of the data store, Microsoft created an object model to form Active Directory. This object model fully supports LDAP and can also manage and modify the schema. The schema contains the definitions of all objects in Active Directory, such as computers, users, and printers. The schema is itself part of the contents of Active Directory and is unique throughout the domain forest. Using schema modification tools, users or developers can define their own classes and properties to create the objects and object properties they need.
Active Directory has two aspects: the directory and the directory-related services. The directory is a physical container that stores a variety of objects, and the directory service is the service that makes all the information and resources in the directory usable. Active Directory is a distributed directory service. Information can be spread across several different computers, which ensures fast access and fault tolerance, while users see a unified view regardless of where they connect from or where the information is located.
Integration in Active Directory (integration)
Microsoft's Active Directory combines three areas of management: user and resource management, directory-based network services, and web-based application management. Active Directory has also embraced Internet standards widely, and provides revolutionary value by integrating numerous Internet services.
The basic objects of directory management are users and computers, along with resources such as files and printers. The user object, for example, has a very rich set of properties: not only the usual account name and password, but also the mailbox, personal home page address, position in the company, and so on. In Active Directory you can right-click a user object to send that user mail or open their personal home page. The position relationships can be displayed dynamically on the company intranet as a web organization chart, or used to implement business logic for applications such as internal procurement and expense reimbursement. Active Directory supports global lookups, such as searching the whole network for color printers that print double-sided.
Active Directory uses Internet standard protocols throughout. For example, a user account can be written as User@bj.yourcom.com, or in the shorter form User@yourcom.com, and used to log on to the network. Here bj.yourcom.com and yourcom.com are two different domains. There is nevertheless a trust relationship between them, because yourcom.com is a root domain and bj.yourcom.com is a subdomain of it. Subdomains can have subdomains of their own, such as sales.bj.yourcom.com. The trust relationships between these domains are mutual and transitive, and together the domains form a domain tree. If your company merges with another company, your domain tree can form a domain forest together with their domain tree, hiscom.com. DNS (Domain Name Service) provides name resolution; we recommend using a DNS server that is integrated with Active Directory to ensure dynamic update of domain names and better replication. Any object in the entire domain forest can be accessed over LDAP, subject to security permissions.
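The naming relationships described above can be worked through in code. The following Python sketch is an added example, not code from the original article or from Microsoft: it maps the article's DNS domain names to LDAP search bases, finds each domain's parent, and lists the parent-child trust hops between two domains in one tree. The function names are hypothetical, and it assumes, as in the article's example, that the suffix of a logon name is one of the forest's domain names.

```python
# Constructed sample: the domain names used in the article.
FOREST = ["yourcom.com", "bj.yourcom.com", "sales.bj.yourcom.com", "hiscom.com"]

def base_dn(domain):
    """DNS domain name -> LDAP search base, e.g. DC=bj,DC=yourcom,DC=com."""
    return ",".join("DC=" + label for label in domain.lower().split("."))

def parent_of(domain, domains):
    """Closest ancestor domain in `domains`, or None for a tree root."""
    labels = domain.lower().split(".")
    for i in range(1, len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in domains:
            return candidate
    return None

def chain_to_root(domain, domains):
    """The domain followed by each parent up to its tree root."""
    chain = [domain.lower()]
    while True:
        parent = parent_of(chain[-1], domains)
        if parent is None:
            return chain
        chain.append(parent)

def trust_path(a, b, domains):
    """Parent-child trust hops linking a and b inside one tree.
    Returns None when they sit in different trees of the forest."""
    up_a, up_b = chain_to_root(a, domains), chain_to_root(b, domains)
    if up_a[-1] != up_b[-1]:
        return None
    common = next(d for d in up_a if d in up_b)
    return up_a[:up_a.index(common) + 1] + up_b[:up_b.index(common)][::-1]

def search_base_for_upn(upn, domains):
    """Split user@suffix; return (user, base DN), refusing unknown suffixes."""
    user, sep, suffix = upn.rpartition("@")
    if not sep or not user or suffix.lower() not in domains:
        raise ValueError("UPN suffix is not a domain in this forest: %r" % upn)
    return user, base_dn(suffix)

if __name__ == "__main__":
    print(trust_path("sales.bj.yourcom.com", "yourcom.com", FOREST))
    print(trust_path("bj.yourcom.com", "hiscom.com", FOREST))  # None
    print(search_base_for_upn("User@bj.yourcom.com", FOREST))
```

Because the trusts are transitive, every domain on a returned path is in scope when reviewing who can authenticate to a resource in either end domain.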
In today's Internet age, Active Directory's adoption of Internet standards has brought almost limitless benefits to users. Active Directory integrates key services such as DNS and MSMQ (Message Queuing Services); key applications such as e-mail, network management, and ERP; key data access interfaces such as ADSI and OLE DB; and key security mechanisms such as Kerberos version 5 and public key infrastructure.
Network infrastructure services based on Active Directory (directory-enabled networking, DEN) is an initiative proposed by Microsoft and Cisco to improve network manageability and the quality of network services. In Windows 2000 Active Directory, you can carry out advanced network management tasks such as assigning network bandwidth to different users or applications, and it also supports ATM networks and QoS protocols.
Application services based on Active Directory (directory-enabled applications) are a new generation of applications on the Windows 2000 platform. Application developers can extend the schema and UI of Active Directory through ADSI/ADO programming, publish service binding information in Active Directory, configure the application through Group Policy, and download and apply automatic notification of changes in the just-in-time application. A typical example of a directory-based application is NetMeeting. In an Active Directory environment, you only need to type a colleague's e-mail alias in NetMeeting, and the location service in Active Directory makes it very convenient to start a conversation and collaborate on the desktop.