Active Directory Domain Services (AD DS) directory service is the distributed directory service that is included with Microsoft Windows Server operating systems. AD DS enables centralized, secure management of an entire network, which might span a building, a city, or multiple locations throughout the world.
AD DS includes the following:
- AD DS on a Windows Server Network
- Active Directory Lightweight Directory Services (AD LDS)
- Structure and Storage Technologies
- Domain Controller Roles
- Replication Technologies
- Search and Publication Technologies
- Installation, Upgrade, and Migration Technologies
Organizations operating a distributed environment need to have a way to manage network resources and services. As the organization grows, the need for a secure and centralized management system becomes more critical.
A directory service provides a centralized location to store information in a distributed environment about networked devices and services and the people who use them. A directory service also implements the services that make this information available to users, computers, and applications. A directory service is both a database storage system (directory store) and a set of services that provide the means to securely add, modify, delete, and locate data in the directory store.
AD DS is typically used for one of three purposes:
Internal directory. Used within the corporate network for publishing information about users and resources within the enterprise. A company’s internal directory may be accessible to employees when they are outside the company network using a secure connection such as a virtual private network (VPN) connection, but it is not accessible to non-employees.
External directory. These are directories typically located on servers in the perimeter network or demilitarized zone (DMZ) at the boundary between the corporate local area network (LAN) and the public Internet. External directories are typically used to store information about customers, clients, and business partners who access external applications or services. They are also made available to customers, clients, and business partners to provide them with selected business information such as catalogs and so on.
Application directory. Application directories store “private” directory data that is relevant only to the application in a local directory, perhaps on the same server as the application, without requiring any additional configuration to Active Directory. The personalization data, which is only interesting to the portal application and does not need to be widely replicated, can be stored solely in the directory associated with the application. This solution reduces replication traffic on the network between domain controllers.