What is Active Directory?
Active Directory is the integrated, distributed directory service that is included with Microsoft Windows Server 2003 and Microsoft Windows 2000 Server. Integrated with Active Directory are many of the applications and services that previously required a separate, distinct directory and userid/password to be managed for each application or service. In Windows NT 4.0, for example, a directory was required for the domain itself, a separate directory for Exchange mailboxes and distribution lists, and separate directories for remote access, database, and other applications. In some cases, separate passwords were required for each application. With Active Directory, the administrator of the organization can add a user to Active Directory and through that single entry enable remote access to the network, enable the same user account for Exchange messaging, that same user for database access for accounting, client relationship management, or other applications. Not only is it possible to use Active Directory as a multi-purpose directory in this fashion but by doing so a company enables single sign-on for its users. Once a user logs in to Windows their Active Directory credential is the key that will automatically unlock all of the applications or services that they have been enabled for, including 3rd party applications that utilize Windows integrated authentication.
By creating a link between user accounts, mailbox accounts, and applications, Active Directory simplifies the task of adding, modifying, and deleting user accounts. When an employee gets married and changes their name, a single change in Active Directory can change the user information for all applications and services. When a user changes their password in Active Directory, they do not have to remember different passwords for their other applications. When a group of users is created such as the “sales group,” users can e-mail the group to send a message to all users, administrators can allow security access to resources based on the group name, and users can look-up members of a group by expanding the group information. This is just one example of how Active Directory simplified many administrative tasks and processes that, in the past, involved disparate applications, servers, and services.
Active Directory Design and Deployment
While Active Directory can help simplify management tasks and strengthen network security, you must properly design your directory structure to maximize these benefits. We assist customers throughout the move to Microsoft® Windows 2000 or Windows 2003 platform, by working to firmly understand your business and technical requirements through the use of our proven consultative and discovery best practices. We will work with you and your staff to design a scalable directory strategy that includes detailed design documentation, a comprehensive validation strategy, and a mature deployment plan.
Benefits
We will help you achieve many of the business and operational benefits of Active Directory, including:
- Helps eliminate redundant management tasks. Provides a single-point of management for Windows user accounts, clients, servers, and applications aswell as the ability to synchronize with existing directories.
- Helps maximize use of IT resources. Securely delegates administrative functions to all levels of an organization.
- Greater flexibility. Advanced features within the Window Server2003 platform provide capabilities to manage the prevalence of directory-enabled applications of today’s complicated enterprise network environments.
- Increased scalability. Comprehensive directory services provide resource-and information-sharing and extend interoperability, helping to reduce the total cost of ownership.
- Heightened security. New encryption features, and strengthened password security and login protection provides users with a single sign-on to network resources.
