Export (0) Print
Expand All
14 out of 29 rated this helpful - Rate this topic

About Active Directory Domain Services

Writing Powerful Applications that Use Active Directory Domain Services

This guide provides essential information for integrating Active Directory Domain Services in distributed applications designed for operating systems that support Active Directory Domain Services, including:

  • Windows 2000 Server, Windows 2000 Advanced Server, and Windows 2000 Datacenter Server.
  • Windows Server 2003, Standard Edition, Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition.
  • Windows Server 2008, Windows Server 2008 Enterprise, and Windows Server 2008 Datacenter.

Fundamental Directory Features

A directory service is a fundamental service for distributed applications. A directory service must provide the features listed in the following table.

FeatureDescription
Location transparencyAble to find user, group, networked service, or resource, data without the object address
Object dataAble to store user, group, organization, and service data in a hierarchical tree
Rich queryAble to locate an object by querying for object properties
High availabilityAble to locate a replica of the directory at a location that is efficient for read/write operations

 

Advanced Features of Active Directory Domain Services

Active Directory Domain Services provides the features listed in the following table.

FeatureDescription
Support for Internet standardsActive Directory Domain Services implements its features in accordance with published Internet standards such as LDAP and DNS.
Tightly integrated and flexible securityAdvantages include:
  • Choice of authentication packages. Kerberos, Secure Sockets Layer (SSL), or a combination; for example, establish an SSL channel for encryption and then use Kerberos for authentication.
  • Central management of service and resource access by using the users and groups in Active Directory Domain Services.
  • Delegation of administration so that central administrators can delegate administrative tasks such as password changing or specific object creation and deletion.
  • The Active Directory server uses the same access control mechanisms used on file systems in the Windows NT Server 3.51 and later operating systems, Windows 2000 Server operating systems, and Windows Server 2003 operating systems. Thus, the same tools that manage access control on a file system work for Active Directory Domain Services.
  • Comprehensive Public Key infrastructure. The Microsoft Certificate Server and Smart Card support are integrated with Active Directory Domain Services to provide Smart Card logon and Certificate management.
Easily programmableThe Active Directory server can be programmatically accessed and administered using the Active Directory Service Interfaces API, Lightweight Directory Access Protocol API, or the System.DirectoryServices namespace.
Directory enabled system servicesYour client application can be easily deployed to distributed desktops by creating a Windows Installer package and using the application deployment feature available in the Windows 2000 Server, Windows Server 2003, and Windows Server 2008 operating systems.
Key application integrationKey distributed applications, such as Exchange, are integrated with Active Directory Domain Services. Thus, companies can reduce the number of directory services to be managed.
Rich and extensible schemaThe schema defines what objects and properties can be written and read from a directory service. The Active Directory Schema is rich. Most of the objects and properties a service requires are available. If not, a distributed application can extend the schema to support the application requirements.

 

For more information about Active Directory Domain Services, see:

 

 

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.