Active Directory is a technology created by Microsoft which provides a central system for network authentication, management, naming, resource management and digital policy enforcement.
It provides a variety of network services, including:
- Central location for network administration and delegation of authority
- Lightweight Directory Access Protocol (LDAP)
- Kerberos-based authentication
- DNS-based naming and other network information
- Information security and single sign-on for user access to networked based resources
- The ability to scale up or down easily
- Central storage location for application data
- Synchronization of directory updates amongst several servers.
LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv3 and LDAPv2. Using the same database, for use primarily in Windows environments, Active Directory also allows administrators to assign policies, deploy software, and apply critical updates to an organization. Active Directory stores information and settings in a central database. Active Directory networks can vary from a small installation with a few computers, users and printers to tens of thousands of users, many different domains and large server farms spanning many geographical locations.
Active Directory was previewed in 1999, released first with Windows 2000 Server edition, and revised to extend functionality and improve administration in Windows Server 2003. Additional improvements were made in Windows Server 2003 R2. Active Directory was refined further in Windows Server 2008 and Windows Server 2008 R2 and was renamed Active Directory Domain Services.
Active Directory was called NTDS (NT Directory Service) in older Microsoft documents. This name can still be seen in some Active Directory binaries.