Understanding the Active Directory infrastructure (3.3)

AD a Microsoft technology is a distributed database that stores objects in a hierarchical, structured, and secure format. AD's objects typically represent users, computers, peripheral devices, and network services. Each object is uniquely identified by its name and attributes. The domain, the forest, and the tree represent logical pisions of an AD infrastructure. AD uses the following protocols and services:

• Lightweight Directory Access Protocol (LDAP): It is used to access the directory services data
• Kerberos: Kerberos securely authenticates and proves identity between users and servers on the network
• Domain Name System (DNS): DNS is used to translate domain names into IP addresses

AD is managed through the following snap-ins in Microsoft Management (MMC) (mmc.exe):

• Active Directory Administrative Center (dsac.exe): Shown in Figure 4.1, it is the one stop-place that is used to manage Windows Server's directory services
• Active Directory Users and Computers (dsa.msc): This console is used to manage users, computers, and relevant information
• Active Directory Domains and Trusts (domain.msc): This console is used to manage domains, trusts, and relevant information
• Active Directory Sites and Services (dssite.msc): This console is used to manage the replication and services between sites
• Active Directory Module for Windows PowerShell: This console is used to manage the Windows Server's directory services through cmdlets

Figure 4.1. The Active Directory Administrative Center in Windows Server 2016

You can access Microsoft's Script Center at https://technet.microsoft.com/en-us/scriptcenter/bb410849.aspx, and PowerShell Gallery at https://www.powershellgallery.com/. Both are well-known repositories of free and public domain PowerShell scripts. Additionally, substantial collections of AD- and DNS-related entries are included.