- The Evolution of Directory Services
- Understanding the Development of AD DS
- AD DS Structure
- Outlining AD DS Components
- Understanding Domain Trusts
- Defining Organizational Units
- Outlining the Role of Groups in an AD DS Environment
- Understanding AD DS Replication
- Outlining the Role of DNS in AD DS
- Outlining AD DS Security
- Getting Familiar with AD DS Features in Windows Server 2016
- Summary
- Best Practices
Understanding the Development of AD DS
Introduced with Windows 2000 Server as a replacement to Windows NT 4.0 domains, AD DS (then known simply as AD in Windows 2000) was later greatly improved in the 2003, 2003 R2, 2008, 2008 R2, 2012, 2012 R2, and now the 2016 versions. AD DS has achieved wide industry recognition and acceptance and has proven itself in reliability, scalability, and performance. The introduction of AD DS served to address some limitations in the legacy NT 4.0 domain structure design and also allowed for future Microsoft and third-party products to tie into a common interface.
Detailing Microsoft’s Adoption of Internet Standards
Since the early development of Windows Server after the 2000 version and continuing with Windows Server 2016, Microsoft has strived to make all its products Internet-compatible and user friendly. Standards that before had been options or previously incompatible were subsequently woven into the software as primary methods of communication and operability. All applications and operating systems became TCP/IP compliant, and proprietary protocols such as NetBEUI were phased out. Now, the last few years have seen a huge surge in demand for cloud-based computing, virtualization, and the advent of Azure, all of which support AD.
With the introduction of Windows Server 2016, the Internet readiness of the Microsoft environment reaches new levels of functionality, with enhancements such as the ability to join virtual domain controller templates to a forest; the ability to restore deleted objects using the Active Directory Recycle Bin, offline domain join, and Managed Service Accounts; the ability to use multiple password policies per domain; read-only domain controller (RODC) support, the ability to start/stop AD on a domain controller (DC), and the ability to audit changes made to AD objects.