What is an Active Directory (AD)?
The Microsoft Windows 2000 Active Directory glossary defines an Active Directory as a structure supported by Windows® 2000 that lets any object on a network be tracked and located. Active Directory is the directory service used in Windows 2000 Server and provides the foundation for Windows 2000 distributed networks. A directory service provides the methods for storing directory data and making this data available to network users and administrators. For example, Active Directory stores information about user accounts, such as names, phone numbers, and so on, and enables other authorized users on the same network to access this information.”
The AD, or Active Directory, is a database based on the LDAP (Lightweight Directory Access Protocol) standard, which makes the information contained within the AD easily available to other applications across different platforms. The AD contains user accounts, computer accounts, organizational units, security groups, and group policy object - all of which have a unique name and a unique path. All unique objects in the AD use a domain contained within the AD as a means of authentication.
What is a domain?
The Microsoft Windows 2000 Active Directory glossary defines a domain as a single security boundary of a Windows NT-based computer network. Active Directory is made up of one or more domains. On a standalone workstation, the domain is the computer itself. A domain can span more than one physical location. Every domain has its own security policies and security relationships with other domains. When multiple domains are connected by trust relationships and share a common schema, configuration, and global catalog, they constitute a domain tree. Multiple domain trees can be connected together to create a forest.
What is a tree?
The Microsoft Windows 2000 Active Directory glossary defines a tree as a set of Windows NT domains connected together through transitive,...