Domain Service (AD DS)
The core of any Windows Domain is the Active Directory Domain Service (AD DS). This service acts as a catalogue that holds the information of all of the "objects" that exist on your network. Amongst the many objects supported by AD, we have users, groups, machines, printers, shares and many others
Basic knowledge
What is a security principle?
An entity that can be authenticated by the operating system, such as a user account, a computer account or the security groups for these accounts.
Refer to the link below for more information:
Objects
Users
One of the most common object types in Active Directory.
Part of a security principal
May be used to represent two types of entities
a) People
Persons in the organization that requires access to network, such as employees, etc.
b) Services
Users to run services such as ISS, MSSQL, etc. These users will only possess the relevant privileges needed to run their specific service
Machine
A machine object will be created for each computer that joins the Active Directory domain
Also considered as security principals
Follows a specific naming scheme, where the machine account name is the computer's name followed by a dollar sign
Eg. The machine named DC01 will have an account called DC01$
Last updated