Active Directory

ActiveDirectory is the Microsoft server operating systems component for managing directory services. It has been available since Windows 2000.

O'Reilly has a book on the subject matter at

where you can download a sample chapter that discuss the upgrade of an existing Active Directory system to that for WindowsServer2003.

According to,289142,sid1_gci201600,00.html

''Active Directory is a feature within Windows 2000 that is designed to transform a disorganized vault of information, including individual user names, sites and passwords into an organized filing system that can be rearranged at will into various groups and domains as circumstances dictate.

In addition, Active Directory multiplies the filing system contents, replicating directory database information throughout all its locations, allowing one server to perform in lieu of another if a failure occurs. ''

The three major characteristics are: 1) backbone network management system built into the operating system; 2) security management via internet protocols; 3) a platform for hosting other directory enabled functions

The implementation of ActiveDirectory require careful planning and use of highly skilled resources. The IT industry reported in 2003 that organizations started serious efforts in moving to this scheme only recently, and was triggered by end of support for the MicrosoftWindowsNt platform.

Different flavors of ActiveDirectory

ActiveDirectory as found in The WindowsServerTwoThousandThree has "enhancements" not found in WindowsTwoThousand. See
What do people who have banks of Linux servers use for DirectoryServices??

As ever, linux users have a lot of options. The best is probably LDAP, which is the basis of ActiveDirectory as well. The time-tested, mature solution is NIS , which stands for Network Information System and descends from Sun's yp (yellow pages) suite. Linux typically uses pluggable authentication modules, which means if you're willing to write a little code you can authenticate against virtually anything. Authentication modules exist for smart cards, relational databases and, to bring the discussion full circle, ActiveDirectory servers.

Is LDAP (LightweightDirectoryAccessProtocol) just a set of Api built ontop of a tool? What is the name of an equivalent tool for Linux environment?

OpenLDAP is the LDAP implementation most often used in the Unix world. LDAP simply provides a hierarchical database. PAM (pluggable authentication modules) can be configured to perform authentications against LDAP directories. OpenLDAP includes utilities that can automatically synchronize LDAP trees between servers. Does that answer your question? I'm not sure what you're asking.

A list of ActiveDirectory related resources can be found at

Also, a site specific to ActiveDirectory concerns can be found at

ActiveDirectory central to Microsoft IdentityManagement and Dynamic Systems Initiative schemes

See also see ActiveDirectoryFederationServices


View edit of November 1, 2005 or FindPage with title or text search