Active Directory Fundamentals

Microsoft Passport

Using a password is a common approach to protect and secure a resource. However, the use and maintenance of a password have its shortcomings. One challenge is the difficulty in remembering passwords, more so, if the complexity requirements are in place. Another possibility is the repository containing the passwords being breached. Microsoft has an alternative to passwords called Microsoft…
Read more
Active Directory Fundamentals

Read only domain controller

Introduction A read only domain controller (RODC) is a type of domain controller that has read-only partitions of Active Directory Domain Services (AD DS) database. RODC is available in Windows server 2008 OS and in its succeeding versions. Enterprises tend to deploy RODC under two conditions viz., When there is not enough physical security to the datacenter.When there isn’t…
Read more
Active Directory Fundamentals

Active Directory Recycle Bin

In an Active Directory environment, there could be instances where Active Directory objects such as users, computers, groups, or organizational units are deleted accidentally. Revocation of such errors can be a cumbersome task for system administrators. Thus to enable easy recovery of deleted objects by the administrators, Microsoft introduced Active Directory Recycle Bin which is quite similar…
Read more
Active Directory Fundamentals

Active Directory Replication: What it is and how it works

What you will learn from this article? Information in the Active Directory (AD) network is modified or updated constantly. In such cases, if any information is updated in one domain controller (DC) of the AD network, all other DCs in the network should also be updated with the new information. This process is done in AD through replication. In this article, we will take a look at what is AD…
Read more
Active Directory Fundamentals

Understanding Active Directory Tombstone

What are Tombstones in Active Directory? When you delete an object from the Active Directory (AD) database, it’s marked as a tombstone object instead of being fully removed. By default, each tombstone object remains in the database for 180 days. Once this tombstone’s lifetime value is exceeded, the tombstone object is automatically deleted by the garbage collection process.
Read more
Active Directory Fundamentals

Access Control List (ACLs) and Access Control Entries (ACEs)

What you will learn: In this article, we will take a look at what an access control list (ACL) and an access control entry (ACE) are, the components that make up an ACL and ACE, and also dive into the types of ACLs and ACEs, and their purposes. What are Access Control Lists, and why do we need them? In an Active Directory network, not all users or computers would require access to all the…
Read more
Active Directory Fundamentals

Difference between Disabled, Expired and Locked Account

Disabled accounts If an organization has a provisioning process in place for governing (automatically) the enabling and disabling of account status and (or) there is a good frequency of guest / vendor engagement, this process is very effective. Owing to the uncertainty attached to such vendor engagement that has an uncertain expiry date, an automated process can’t be preset. Also in a…
Read more
Active Directory Fundamentals

What is a workgroup and how is it set up?

Authenticating users in a computer network. Employees in any organization, big or small, need to log in to their computers at the start of their work day. Logging in gives them access to shared files, folders, printers, critical applications related to work, as well as the internet. Organizations need to authenticate and verify the identity of each user before they gain access to these…
Read more
Active Directory Fundamentals

What are Domain Functional Levels and how do you raise them?

Domain Functional Levels – An overview Domain functional level (DFL) determines the features of a Domain Controller (DC) based on the Windows Server Operating System (OS) it runs on. A feature set of a particular DFL will be available for a DC if it runs on the operating system version that is compatible with the functional level. Note that, the OS version constraint is only for the…
Read more
Active Directory Fundamentals

The structures and benefits of organizational units

Organizational units (OUs) When you deploy Active Directory (AD) in your company, you may decide to create multiple organizational units (OUs) within your domain. An OU is a container within your domain that holds users, groups, computers, and other objects. You use an OU to store similar objects, making them easy to access and administer them. An OU will always be contained within a single…
Read more