Active Directory Services Overview

Active Directory Services Overview


Active Directory provides the means to manage the identities and relationships that make up your organization's network. Integrated with Windows Server, Active Directory gives you out-of-the-box functionality needed to centrally configure and administer system, user, and application settings

Active Directory services available in Windows Server 2008 and Windows Server 2008 R2 include Active Directory Certificate Services (AD CS), Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS), Active Directory Lightweight Directory Services (AD LDS), and Active Directory Rights Management Services (AD RMS).



Active Directory Certificate Services (AD CS)

Active Directory Certificate Services (AD CS) allows you to create, distribute, and manage customized public key certificates. Most organizations use certificates to prove the identity of users or computers, as well as to encrypt data during transmission across unsecured network connections. AD CS enhances security by binding the identity of a person, device, or service to their own private key. Storing the certificate and private key within Active Directory helps securely protect the identity, and Active Directory becomes the centralized location for retrieving the appropriate information when an application places a request.

Active Directory Domain Services (AD DS)

Active Directory Domain Services (AD DS) stores directory data and manages communication between users and domains, including user logon processes, authentication, and directory searches. AD DS is the central location for configuration information, authentication requests, and information about all of the objects that are stored within your forest. Using AD DS, you can efficiently manage users, computers, groups, printers, applications, and other directory-enabled objects from one secure, centralized location.

Active Directory Federation Services (AD FS)

Active Directory Federation Services (AD FS) provides Web single-sign-on (SSO) technologies to authenticate a user to multiple Web applications over the life of a single online session. AD FS is a highly secure, highly extensible, and Internet-scalable identity access solution that allows organizations to authenticate users from partner organizations. Using AD FS, you can easily and very securely grant external users access to your organization’s domain resources. AD FS can also simplify integration between untrusted resources and domain resources within your own organization.

Active Directory Lightweight Directory Services (AD LDS)

Active Directory Lightweight Directory Services (AD LDS) is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the restrictions of Active Directory Domain Services (AD DS). Instead of using your organization’s AD DS database to store the directory-enabled application data, AD LDS can be used to store the data. AD LDS can be used in conjunction with AD DS so that you can have a central location for security accounts (AD DS) and another location to support the application configuration and directory data (AD LDS). Using AD LDS, you can reduce the overhead associated with Active Directory replication, you do not have to extend the Active Directory schema to support the application, and you can partition the directory structure so that the AD LDS service is only deployed to the servers that need to support the directory-enabled application.

Active Directory Rights Management Services (AD RMS)

Active Directory Rights Management Services (AD RMS) protects your information and works with AD RMS-enabled applications to help safeguard digital information from unauthorized use. AD RMS can help make sure that only those individuals who need to view a file can do so. AD RMS can protect a file by identifying the rights that a user has to the file. Rights can be configured to allow a user to open, modify, print, forward, or take other actions with the rights-managed information. With AD RMS, you can even safeguard data when it is distributed outside of your network.

See Also

Other Languages

 

Leave a Comment
  • Please add 5 and 8 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • Kurt L Hudson edited Revision 18. Comment: Removed broken UNIX link added new one

  • Kurt L Hudson edited Revision 17. Comment: Included TOC and made updates to headings

  • Kurt L Hudson edited Revision 15. Comment: Fixed formatting using HTML - Design Editor was not working properly

  • Kurt L Hudson edited Revision 14. Comment: Fixed formatting and See Also area

  • Kurt Hudson MSFT edited Revision 12. Comment: Removed that information I just pasted because I am realizing it belongs in the AD DS article.

  • Kurt Hudson MSFT edited Revision 11. Comment: Copying content from most popular windows 2000 vintage article. Next I will edit it into this document.

  • Ed Price MSFT edited Revision 8. Comment: Updated title case.

  • Ed Price MSFT edited Revision 7. Comment: Added "See Also" section.

Page 1 of 1 (8 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • thanks for information.<b> Nice article</b>

  • Ed Price MSFT edited Revision 7. Comment: Added "See Also" section.

  • Ed Price MSFT edited Revision 8. Comment: Updated title case.

  • Kurt Hudson MSFT edited Revision 11. Comment: Copying content from most popular windows 2000 vintage article. Next I will edit it into this document.

  • Kurt Hudson MSFT edited Revision 12. Comment: Removed that information I just pasted because I am realizing it belongs in the AD DS article.

  • Kurt L Hudson edited Revision 14. Comment: Fixed formatting and See Also area

  • Kurt L Hudson edited Revision 15. Comment: Fixed formatting using HTML - Design Editor was not working properly

  • Link for the "Integrating Active Directory with Linux / UNIX" not work when click on the link we have this error

    Server Error in '/wiki' Application.

    --------------------------------------------------------------------------------

    The resource cannot be found.

    Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure that it is spelled correctly.

    Requested URL: /wiki/contents/articles/active-directory-services-overview/Integrating Active Directory with Linux / UNIX

  • Kurt L Hudson edited Revision 17. Comment: Included TOC and made updates to headings

  • Kurt L Hudson edited Revision 18. Comment: Removed broken UNIX link added new one

  • Robert Silver [MCM] edited Revision 20. Comment: Added more commonly referred to acronyms to the headers

  • Robert Silver [MCM] edited Revision 21. Comment: Added more commonly referred to acronyms to the headers and TOC

  • Ed Price - MSFT edited Revision 26. Comment: Added "Other Languages"

  • Fernando Lugão Veltem edited Revision 31. Comment: update font style

  • Fuat Ceylan edited Revision 33. Comment: Title has edited (en-US)  

Page 1 of 2 (20 items) 12