Winsage
December 16, 2024
Active Directory (AD) is a hierarchical database that stores information about network objects such as users, computers, printers, and shared resources. Key components of AD include the schema, global catalog, query and index mechanism, and replication service. Management is typically done through the "Active Directory Users and Computers" snap-in, which enhances security and supports authentication federation. The AD database is stored in a file called "ntds.dit" on the Domain Controller (DC). Best practices for securing AD include patching, monitoring, and recovery planning. Remote access to the AD database is enabled through the Lightweight Directory Access Protocol (LDAP) over TCP port 389 or port 636 for secure LDAP (LDAPS).