What Is Active Directory?
Active Directory (AD) is Microsoft's directory service that stores information about network resources — users, computers, groups, printers, and shared folders — in a hierarchical, searchable database, and provides the authentication and authorization services that let those resources securely interact. Instead of managing local accounts on every machine individually, administrators create one AD account per user that grants sign-in and access rights across the entire domain, following the principle of centralized identity management.
Cricket analogy: Think of AD like the BCCI's central player registry: instead of each IPL franchise maintaining its own separate list of who Virat Kohli is and what he's allowed to do, one authoritative registry issues a single credential every team and umpire recognizes.
Core Components: AD DS, LDAP, and the Directory Database
The Active Directory Domain Services (AD DS) role is the Windows Server component that actually implements the directory. It stores every object — user accounts, security groups, computer accounts, group policy objects — in a database file called ntds.dit, and exposes that data over the Lightweight Directory Access Protocol (LDAP) on port 389 (or 636 for LDAPS). Administrators and applications query and modify AD using LDAP distinguished names such as CN=Jane Doe,OU=Sales,DC=contoso,DC=com, which encode an object's exact position in the directory hierarchy.
Cricket analogy: Similar to how Cricinfo's Statsguru database stores every ball bowled with a structured query path — team, series, match, over — so you can pinpoint a single delivery instead of scrolling through commentary.
Domain Controllers and Replication
A domain controller (DC) is a server running AD DS that holds a writable copy of the directory database for its domain. AD uses multi-master replication, meaning every DC (except read-only domain controllers, or RODCs) can accept changes, which then propagate to other DCs via the Knowledge Consistency Checker (KCC) using Remote Procedure Calls (RPC) over IP, following an automatically generated replication topology. This design means there's no single point of failure — if one DC goes offline, others still authenticate users and process changes, and updates like a password reset made on one DC eventually converge across the whole site.
Cricket analogy: Similar to how DRS reviews sync across every broadcast feed worldwide within seconds of the third umpire's decision, so every viewer sees the same final call regardless of which feed they're watching.
# List all domain controllers in the current domain
Get-ADDomainController -Filter *
# Check replication health between DCs
repadmin /replsummary
# Run a full domain controller diagnostic
dcdiag /v /c /dA Read-Only Domain Controller (RODC) holds a non-writable copy of the directory and caches only the credentials of users it's configured to service — useful for branch offices with weaker physical security, since a stolen RODC exposes far less than a stolen full DC.
Authentication: Kerberos and NTLM
AD DS uses Kerberos as its default authentication protocol. When a user logs in, the Key Distribution Center (KDC) service running on every DC issues a Ticket Granting Ticket (TGT), which the client then presents to request service tickets for specific resources like a file server or SQL instance, without ever transmitting the password itself. NTLM (NT LAN Manager) is an older, weaker challenge-response protocol AD still supports for backward compatibility, but it lacks mutual authentication and is more vulnerable to relay and pass-the-hash attacks, so modern hardening guidance pushes organizations to disable NTLM wherever Kerberos is viable.
Cricket analogy: Similar to how a player's central contract with the BCCI (the TGT) lets them request match-specific accreditation for each IPL venue without re-proving their identity to every stadium security team.
NTLM has no mutual authentication and is highly susceptible to pass-the-hash and NTLM relay attacks — Microsoft recommends auditing NTLM usage with Event ID 4776 and gradually restricting it via Group Policy (Network security: Restrict NTLM) once Kerberos-only compatibility is confirmed.
- Active Directory (AD) is Microsoft's directory service for centralized identity, authentication, and resource management.
- AD DS stores objects in the ntds.dit database and exposes them via LDAP using distinguished names.
- Domain controllers (DCs) hold writable copies of the directory and replicate changes to each other using multi-master replication.
- RODCs hold read-only, cached copies of the directory, useful for less physically secure locations.
- Kerberos is AD's default authentication protocol, using TGTs and service tickets issued by the KDC.
- NTLM is a legacy protocol still supported for compatibility but is weaker and should be phased out where possible.
- Because AD centralizes accounts, a single credential can authenticate a user across every domain-joined resource.
Practice what you learned
1. What file on a domain controller stores the Active Directory database?
2. Which protocol does AD DS use to expose directory data for queries and modifications?
3. What does a Read-Only Domain Controller (RODC) do differently from a standard DC?
4. In Kerberos authentication, what does the KDC issue immediately after a successful logon?
5. Why is NTLM considered weaker than Kerberos for modern AD environments?
Was this page helpful?
You May Also Like
Domains, Trees, and Forests
How Active Directory organizes multiple domains into trees and forests to model organizational and trust boundaries.
Installing AD DS and Promoting a Domain Controller
A walkthrough of installing the AD DS server role on Windows Server and promoting it into a new or existing domain controller.
Users, Groups, and Computer Objects
The core AD object types — user accounts, security/distribution groups, and computer accounts — and how group scope and type govern permissions.
Related Reading
Related Study Notes in Microsoft Technologies
Browse all study notesWindows 10 / UWP Development Study Notes
.NET · 30 topics
Microsoft TechnologiesWindows Batch Scripting Study Notes
Batch · 30 topics
Microsoft TechnologiesMFC (Microsoft Foundation Classes) Study Notes
C++ · 30 topics
Microsoft TechnologiesSilverlight Study Notes
.NET · 30 topics
Microsoft TechnologiesXAML Study Notes
.NET · 30 topics
Microsoft TechnologiesWPF (Windows Presentation Foundation) Study Notes
.NET · 30 topics