Basics

Active Directory (AD) is a centralized repository for managing users, computers, and policies within a Windows domain.

• AD enables centralized identity management, allowing user accounts to be configured and managed from one place.

• It helps in managing security policies that can be applied network-wide to users and computers.

• AD is hosted on a Domain Controller (DC)—a server that runs the AD services.

When users log in to any domain-connected computer, authentication is handled by AD, meaning user credentials do not need to exist on each individual machine. AD allows administrators to enforce restrictions and permissions (e.g., disabling access to the control panel) through group policies.