1. Introduction

1.1 What is Active Directory?

One of the challenges of working within a large, distributed computing environment is identifying and locating resources such as users, groups, print queues, and documents. A directory service is a part of a distributed computing environment that provides a way to locate and identify the users and resources available in the system. The directory service is like a phone directory. Given a name for a person or a resource, it provides the information necessary to access that person or resource. You do not have to use specific binding information to access a resource on the network.

A new challenge arises in today's computing environment with different network environments from different network providers offering different directory services, all within a single connected system. Directory services from different network providers have similar, but not identical, capabilities.

Active Directory provides a framework and implementation for interfaces that abstract the properties and methods of well-known directory service objects found within multiple network environments. You can use Active Directory services to query, enumerate, and manage the resources in a directory service, no matter which network environment is associated with the resource. Active Directory abstracts the capabilities of directory services from different network providers to present a single set of directory service interfaces for managing network resources. Active Directory makes it easier to perform common administrative tasks, such as adding new users, managing printers, and locating resources, throughout the distributed computing environment. You do not have to deal directly with the nuances of a proprietary directory service.

Active Directory is one component of Windows® Open System Architecture (WOSA) Open Directory Service Interfaces (ODSI).