What is it?
Active Directory is Microsoft's implementation - with
proprietary extensions - of the
Lightweight Directory Access Protocol (LDAP), itself a
commercial implementation of the
ITU-TS X.500 Directory Access Protocol.
It provides centralised and secure authorisation, authentication
and management of network users and groups, services such as
messaging and other applications, and resources such as printers.
Administrators use it to apply security and other policies, and to
deploy software. Updates, patches and the latest versions of
anti-virus controls can be installed from a central console.
It includes Active Directory Application Mode (Adam), a lightweight
version which provides directory services for applications and uses
the same application programming interface. Adam is renamed
Lightweight Directory Services in Windows Server 2008.
Where did it originate?
The origins of Active Directory lie in NT Directory Services,
first seen in 1996. The first public version, released with
Windows Server 2000, was greeted as robust and feature-rich,
but lacking in management tools, and with a high cost of ownership.
These problems were addressed in the Windows 2003 version, which
also tackled replication and syndication between domain
controllers.
What's it for?
The Windows 2008 version builds on improvements introduced with
Windows 2003, but with a new emphasis on identity and rights
management services, digital certificates, and federation services,
which extend directory services to trusted customers and partners.
As with Adam, a number of features and services have been renamed.
What makes it special?
Many of the "highlights" of the Windows 2003 version were simply
fixes for the shortcomings of the Windows 2000 version, but there were
still many limitations. A lot of the improvements in the Windows
2008 version involve making Active Directory far more flexible,
with features such as fine-grained password policies, better
auditing of directory service changes, restartable domain services,
and the read-only domain controller for remote sites and branch
offices.
How difficult is it to master?
Active Directory professionals will need to replace their
Windows 2003 MCSE with a Windows 2008 Microsoft certified
technology specialist qualification. The upgrade course takes five
days, followed by one exam, which results in three separate
certifications: Active Directory configuration, network
infrastructure configuration and application platform
configuration.
What systems does it run on?
Mainly Windows, but it is also used to manage Unix and
Linux. Some Linux versions offer a level of Active Directory
integration, and there are third-party integration products.
What's coming up?
Windows Server 2008 will feature an improved version of Active
Directory. Download Microsoft's poster showing the forthcoming
features, by searching online for "Windows Server 2008 Active
Directory components".