Domain Service (AD DS)

PreviousDomain Controller (DC)NextSecurity groups

Last updated 3 days ago

Domain Service (AD DS)

The core of any Windows Domain is the Active Directory Domain Service (AD DS). This service acts as a catalogue that holds the information of all of the "objects" that exist on your network. Amongst the many objects supported by AD, we have users, groups, machines, printers, shares and many others

Basic knowledge

What is a security principle?

An entity that can be authenticated by the operating system, such as a user account, a computer account or the security groups for these accounts.

Refer to the link below for more information:

Objects

Users

One of the most common object types in Active Directory.
Part of a security principal
May be used to represent two types of entities

a) People

Persons in the organization that requires access to network, such as employees, etc.

b) Services

Users to run services such as ISS, MSSQL, etc. These users will only possess the relevant privileges needed to run their specific service

Machine

A machine object will be created for each computer that joins the Active Directory domain
Also considered as security principals
Follows a specific naming scheme, where the machine account name is the computer's name followed by a dollar sign

Eg. The machine named DC01 will have an account called DC01$

PreviousDomain Controller (DC)NextSecurity groups

Last updated 3 days ago