Windows Server 2003 Active Directory Infrastructure!!

Active Directory is a special-purpose database — it is not a registry replacement. The directory is designed to handle a large number of read and search operations and a significantly smaller number of changes and updates. Active Directory data is hierarchical, replicated, and extensible. Because it is replicated, you do not want to store dynamic data, such as corporate stock prices or CPU performance. If your data is machine-specific, store the data in the registry. Typical examples of data stored in the directory include printer queue data, user contact data, and network/computer configuration data. The Active Directory database consists of objects and attributes. Objects and attribute definitions are stored in the Active Directory schema.

You may be wondering what objects are currently stored in Active Directory. In Windows 2000, Active Directory has three partitions. These are also known as naming contexts: domain, schema, and configuration. The domain partition contains users, groups, contacts, computers, organizational units, and many other object types. Because Active Directory is extensible, you can also add your own classes and/or attributes. The schema partition contains classes and attribute definitions. The configuration partition includes configuration data for services, partitions, and sites.

The following screen shot shows the Active Directory domain partition.

A directory is a stored collection of information about objects that are related to one another in some way. For example, an e-mail address book stores names of users or entities and their corresponding e-mail addresses. The e-mail address book listing might also contain a street address or other information about the user or entity.

In a distributed computing system or a public computer network such as the Internet, there are many objects stored in a directory, such as file servers, printers, fax servers, applications, databases, and users. Users must be able to locate and use these objects. Administrators must be able to manage how these objects are used. A directory service stores all the information needed to use and manage these objects in a centralized location, simplifying the process of locating and managing these resources. A directory service differs from a directory in that it is both the source of the information and the mechanism that makes the information available to the users.

A directory service acts as the main switchboard of the network operating system. It is the central authority that manages the identities and brokers the relationships between distributed resources, enabling them to work together. Because a directory service sup-plies these fundamental operating system functions, it must be tightly coupled with the management and security mechanisms of the operating system to ensure the integrity and privacy of the network. It also plays a critical role in an organization’s ability to define and maintain the network infrastructure, perform system administration, and control the overall user experience of a company’s information systems.