What is Active Directory?

Active Directory is a directory service. It was created by Microsoft for Windows domain networks and is included in most Windows Server operating systems. The computers on which Active Directory runs are called domain controllers and are considered server computers. Active Directory serves as a centralized location for security and for network administration. It authenticates and authorizes all users and computers within a given network, assigns and enforces security policies for all of the computers in that network, and handles the installation and updates of software on those computers.


Suppose you log in to your computer at work, in an office with co-workers. If your computer is part of a Windows domain, Active Directory will verify your password and determine whether you are a normal user or a system administrator. This is also possible on a home computer, but it is easier to imagine when you think of a bank of computers in an office environment.

Active Directory was released with Windows 2000 Server edition in 1999. It was later revised and an improved version was released with Windows Server 2003. There were also improvements made for Windows Server 2003 R2, Windows Server 2008, and Windows Server 2008 R2. It was later renamed Active Directory Domain Services.

Active Directory is not a registry replacement. It is designed to handle high volumes of read and search operations, as well as smaller changes and updates. It is hierarchical, replicated, and extensible; because its contents are replicated, you should not store dynamic data in it. Examples of dynamic data include things such as CPU performance or corporate stock prices. Examples of data typically stored in Active Directory include user contact data, printer queue data, and network and computer configuration data. The database consists of objects and attributes, and their definitions are stored in the Active Directory schema.


There are three partitions in Active Directory in Windows 2000: domain, schema, and configuration. The domain partition contains users, contacts, groups, computers, organizational units, and other object types. You can also add classes and attributes. Classes and attributes are contained in the schema partition. Data for services, partitions, and sites is contained in the configuration partition.
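The three partitions appear in the directory as separate naming contexts, each with its own root distinguished name (DN). The following added example (not from the original article) derives those roots from a DNS domain name and reports which partition holds a given object DN. It assumes a single-domain forest named example.com; the function names and sample DNs are constructed for illustration.

```python
import re

def split_dn(dn):
    """Split a DN into RDNs on commas not escaped with a backslash."""
    return [p.strip().lower() for p in re.split(r'(?<!\\),', dn)]

def naming_contexts(dns_domain):
    """Return the root DNs of the domain, configuration and schema partitions."""
    domain_dn = ",".join("DC=" + label for label in dns_domain.split("."))
    config_dn = "CN=Configuration," + domain_dn
    schema_dn = "CN=Schema," + config_dn
    return {"domain": domain_dn, "configuration": config_dn, "schema": schema_dn}

def partition_of(dn, dns_domain):
    """Name the partition that holds dn, or None if it is outside this domain."""
    rdns = split_dn(dn)
    best, best_len = None, 0
    for name, root in naming_contexts(dns_domain).items():
        root_rdns = split_dn(root)
        n = len(root_rdns)
        # The schema root sits under the configuration root, which sits under
        # the domain root, so the longest matching suffix decides the partition.
        if n > best_len and rdns[-n:] == root_rdns:
            best, best_len = name, n
    return best

# Constructed sample DNs (assumed single-domain forest example.com).
SAMPLES = [
    "CN=Alice Smith,OU=Staff,DC=example,DC=com",
    r"CN=Smith\, Alice,OU=Staff,DC=example,DC=com",
    "CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com",
    "CN=User,CN=Schema,CN=Configuration,DC=example,DC=com",
    "CN=Bob,DC=other,DC=org",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(partition_of(sample, "example.com"), "<-", sample)
```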

If you are unfamiliar with Active Directory or you have only basic knowledge of network administration, it is better to rely on someone else to make changes or repair errors. There are basic tasks that are safe to complete, but you can damage the entire system if you try to make changes to Active Directory without fully understanding what you are doing. Users are typically unable to make changes that are authorized for systems administrators, but when in doubt, speak with a systems administrator.

