What is Windows Server Active Directory and its uses and benefits?

Active Directory an Overview

Active Directory is a database or centralize repository of users and groups, services (Emails etc), and resources (Printers etc). All users and groups, services, and resources in AD known as Objects and collection of these objects is known as Active Directory.

Active Directory Domain Services (AD DS) provide authentication in our network means to provide a centralized authentication  service for Microsoft networks such as when any client in AD environment in an organization try to login then it sends a request to server (Known as Login request).

Then server verifies that the user name and password entered by the user is matching to the user name and password present in AD database and if this user name and password matches with the AD database then the server gives the rights and permissions to the client and let it know that which resources (that are allocated particularly him) he can use.

Also Read about

What is DHCP (Dynamic Host Configuration Protocol)Server?

How to do DHCP server role installation and configuration?

What is Windows Server Active Directory and its uses and benefits?

Features of Active Directory and its LogicalStructure

What is Active Directory Schema, Trust, and partitions or Naming Context?

Active Directory Benefits 

Basically it was introduced in 2000 and in 2003 and 2008 lots of improvements were made in it. Before 2008 it was known as only Active Directory but in 2008 a new name was given Active Directory Domain Services (AD DS).

One of the big benefits is that its structure is hierarchical means well defined, the second benefit is Multi-Master Authentication and Multi-Master Replication which means that the administrator have the ability to access and modify to AD DS from multiple points of administration. 

Third benefit is, it is a single point of access to network resources means if you have a print server, file server or mail server in your network then you do not need to login on each server while you have a single point of access because active directory manages all these things which is a collection of users and groups, services (DHCP, DNS, Print services, file services, etc), and resources (Printers etc). 

The next benefit is, ADDS has the ability to create a trust relationship with external networks running previous versions  of Active Directory means suppose your organization's network and external organization network wish to communicate with each other and want to develop a trust relationship with each other, then Microsoft Windows server 2008 has the ability to make various types of relationships such as with Microsoft-Microsoft and Microsoft to other (Unix etc).

In Hierarchical structure in which structure is divided into forest, tree, domain, and organizational units (O0Us). Forest is the biggest container object in which we can keep the other types of objects and in domains, we can make the OUs for better organization and users groups and computers are kept in these organizational units and various types of permissions and policies are implemented upon then.

In Multi-Master Authentication  and Multi-Master Replication means your database is located on multiple locations  so a single point of failure is never happen and you can access or change the database wherever you want.

When you make changes on one server then the data will replicate automatically to the other locations (Suppose you have one AD server with 2 on backup) same when users sends a login request to first AD DS and suppose server does not respond then it can be logon from 2^nd 3^rd AD DS because all servers have the same database and users do not face the single point of failure and the administrator can perform management tasks from any nearest server.

In single point of access benefit, you do not need to know that which one is your File or Print server or where located the other services like DNS or DHCP because all these things are maintained by AD DS and the only this that the user needs to be done is just logon to a domain controller on which this AD is installed which searches the resources for you and also authorize you on which resources you have given access.

The trusts that AD creates is of various types such as

Parent-Child Trust (Transitive Trust, Two way)

Tree Root Trust (Transitive Trust, Two way)

Shortcut Trust (Non-Transitive Trust, One way)

External Trust (Non-Transitive Trust, One way)- Among two different organizations

Cross Forest Trust (Transitive, Two way)

Realm Trust (Non-Transitive Trust, One way) -Among Microsoft and Unix.