Active Directory
• Active Directory is like a container that holds information about network objects such as users, passwords, computer accounts, etc.
• It uses three application layer protocols:
  ○ LDAP
  ○ Kerberos
  ○ DNS

LDAP
• Lightweight Directory Access Protocol
• Is an application protocol for reading and editing directories over an IP network.
• It is a standardized server/client TCP/IP-based protocol.

Kerberos
• Is a computer network authentication protocol that allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

DNS
• Domain Name System
• It is an application layer protocol.
• It is used to translate domain names to their IP addresses and IP addresses to domain names.

Active Directory Services
Active Directory provides different types of services, such as:
• Active Directory Domain Services (AD DS)
• Active Directory Lightweight Directory Services (AD LDS)
• Active Directory Certificate Services (AD CS)
• Active Directory Rights Management Services (AD RMS)
• Active Directory Federation Services (AD FS)

Active Directory Domain Services
• A directory service is a service that manages all resources on the network from a centralized location and makes them available to network users and applications.
• It provides different types of services, such as:
  ○ User accounts
  ○ Computer accounts
  ○ User authentication
  ○ Access to network resources
  ○ Domain-wide authentication

Active Directory Lightweight Directory Services
• Based on LDAP
• Allows clients to access a directory service
• Used for applications such as:
  ○ Internet applications
    ○ Centralized or distributed white pages
    ○ ISP on-line subscriber directory
  ○ Intranet applications
    ○ Internal white pages
    ○ Certificate and CRL distribution
    ○ System/network management database

Active Directory Certificate Services
• Certificate services are the most common way to provide security in the enterprise and on the internet.
• Digital certificates are used to encrypt information and to authenticate users and computers in AD CS.
• The PKI (Public Key Infrastructure) is used to distribute and manage digital certificates.

Public Key Infrastructure
PKI includes:
○ Certificate Authorities
○ Certificate Revocation List
○ CA Management Tools
○ Certificates

Active Directory Rights Management Services
• AD RMS is a form of information rights management that uses encryption and a form of selective functionality for limiting access to documents such as corporate e-mails and Word documents.
• Distributes client certificates, enforces content access policies, and provides central management.

Active Directory Federation Services
• In AD FS, identity federation is established between two organizations by establishing trust between two security realms. A federation server on one side (the Accounts side) authenticates the user through the standard means in Active Directory Domain Services and then issues a token containing a series of claims about the user, including the user's identity.
