Active Directory is a service created by Microsoft and integrated into its Windows operating systems. It provides the network with a centralised location to administer from. All resources on the network, such as clients, servers and printers, are listed in Active Directory.

The servers that run Active Directory are known as Active Directory domain controllers (ADDCs), and there is only one main ADDC server, which is known as the primary domain controller. The main use of Active Directory is to authenticate users who log in to the network.

To make sure that there is not too much load on the network, you can create multiple domain controllers. The secondary domain controllers also contain a copy of the Active Directory database. The Active Directory database contains system policy files and login scripts. The main difference between the primary and secondary domain controllers is that the secondary domain controller has a read-only database.

Account Management

Account management covers the following: creating and deleting user accounts, and managing account policies. Account management is undertaken through Active Directory. The account policies that may be changed through account management include naming conventions, password policies, login hours, determining which PCs the user can log on to, the home folder location and, finally, group membership.

For example, a user account may need to be set to "password never expires", because some software, such as replication services, needs a user account whose password does not expire or change for the software to function correctly. On the other hand, when a new user logs on they can be prompted to change their password; this is known as "user must change password on next login". The changed password must also comply with the password policy, such as length and mixed characters. Guest accounts would need to have a password which is unchangeable, so that guest users cannot change the password.

An account can be temporarily disabled. Reasons for disabling accounts can include a user breaching the organisation's or company's policy, or they may simply have failed to change their password and the grace logins have expired.
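
The account settings described above are stored on each user object in the userAccountControl bit field and the pwdLastSet attribute. As an added example (not part of the original page), this Python script reviews an exported list of accounts for those settings; the account names, the is_service marking and the sample records are constructed assumptions.

```python
from dataclasses import dataclass

# userAccountControl bit flags as documented for Active Directory.
ACCOUNTDISABLE = 0x0002        # account is disabled
DONT_EXPIRE_PASSWORD = 0x10000 # "password never expires"

@dataclass
class Account:
    name: str
    uac: int           # userAccountControl value from the export
    pwd_last_set: int  # pwdLastSet; 0 means "must change password at next logon"
    is_service: bool   # assumption: comes from the site's own service-account inventory

def review(acct):
    """Return the review codes that apply to one account."""
    findings = []
    disabled = bool(acct.uac & ACCOUNTDISABLE)
    if disabled:
        findings.append("DISABLED")
    if acct.uac & DONT_EXPIRE_PASSWORD:
        # Expected for service accounts such as replication; a finding for people.
        findings.append("NEVER_EXPIRES_SERVICE" if acct.is_service
                        else "NEVER_EXPIRES_USER")
    if acct.pwd_last_set == 0 and not disabled:
        findings.append("MUST_CHANGE")
    return findings

def audit(accounts):
    """Map account name to review codes, skipping accounts with none."""
    results = {a.name: review(a) for a in accounts}
    return {name: codes for name, codes in results.items() if codes}

# Constructed sample export (512 = normal account, 514 = normal + disabled,
# 66048 = normal + password never expires).
SAMPLE = [
    Account("svc-replication", 66048, 133497216000000000, True),
    Account("jsmith", 66048, 133497216000000000, False),
    Account("newstarter", 512, 0, False),
    Account("leaver", 514, 133497216000000000, False),
    Account("akhan", 512, 133497216000000000, False),
]

if __name__ == "__main__":
    for name, codes in audit(SAMPLE).items():
        print(f"{name}: {', '.join(codes)}")
```

NEVER_EXPIRES_USER is the code to follow up on: a person's account whose password is exempt from the expiry policy.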


Authentication is a process that validates that the user is authorised to access the network. The most popular way of validating yourself on the network is using a username and password. Other ways can also be used to validate you on the network, for example biometric login. To be authenticated, the generation of an access token is necessary.

An access token is an object that describes the security context of a process. The information held in the token is the identity and privileges of the user account attached to the process.

An example of this process is as follows: during the login of a user, the system verifies the username and password by comparing them with the information held in the security database. If the authentication is successful, the process will then produce an access token. Every process executed under this login will then have a copy of the token. The system uses the token to identify the user when the user tries to perform a system task that requires privileges.

Domain Name Service (DNS)

The Domain Name Service (DNS) resolves the Uniform Resource Locator (URL) to an IP address. This allows the user of the system to enter a URL into their web browser and connect to the chosen website. The user's computer will need to know the IP address of the local DNS server, normally known as the Internet Service Provider (ISP). The local DNS server IP address is set on every computer on the network and can be viewed using the "ipconfig /all" command at the command prompt on a PC.

DNS is used by many internet-facing programs, such as web browsers and electronic mail programs, to locate servers and to resolve and map the user-friendly name of a computer to its IP address. DNS is mostly used with the internet, but it can also be used in private networks for convenience, because user-friendly names are easier to remember than numerical IP addresses. Another reason is consistency: IP addresses may change, but the server names can remain constant.

The internet communication protocol links computers all over the world; it relies on numeric addresses to identify each network computer. Every node of this network is given a number, called an IP address. The domain name service helps computers to translate names into numerical addresses. When you type an address such as "" your computer will first have to ask a caching DNS server to translate the name into a numeric address. The caching DNS server is usually provided by your internet service provider (ISP). For frequently used names and addresses, your caching server keeps the data in its local memory and responds immediately.