Active Directory Domain Services (AD DS) is a core component of Active Directory that provides authentication of users and determines access to network resources using security certificates, LDAP, and rights management. It stores identity data in a directory on domain controllers that is replicated across domains. Administrative policies can be centrally configured and applied to objects like users, groups, and organizational units stored in the Active Directory data store.