The progress of technology and business development brings the need to control all of an organization's information. Advanced information technology and computer systems necessitate centralized management. This is achieved through good coordination and a well-designed computer system. One such system is the so-called client-server system. We can call the user computers on the network "clients" and a computer that provides some information to the clients a "server". To make this more concrete, we will present a Windows-based, centralized system called Active Directory (AD).
What is Active Directory (AD)?
This is actually a very complex structure that could be described as a centrally managed database. The brain of the system is the domain controller (DC): a Windows server that acts as a traffic light, saying who does what in the network and what data they can access. In practice, the system administrator (in this case, of the domain) can coordinate absolutely everything on both the user machines and the other servers in the network, as they are all subject to the domain controller (DC). The user computers and/or profiles can be managed by rules called policies (Group Policy Objects, GPO), which modify rights to directories, services, registry settings, etc., located on the local machine. In this way, user rights to certain network resources (such as file servers) can be restricted or granted. Policies can also be applied to only some of the user computers or user profiles, which in turn can be grouped into containers on the server called Organizational Units (OU). The policies (GPO), which may be templates from Microsoft or created by an administrator, are applied to these Organizational Units. Imagine that you are the administrator of a large computer network with several servers, e.g. 100 computers and 5 servers. You could control the servers by hand, but administering all the users and computers that way is too much. Here the system comes to the rescue.
Organizationally, we have 3 units (management, warehouse and sales), each one with 3 levels. The first level is the Head of Department, the second level is the Department Coordinator, and the third level is the executives (in this example we use entirely contingent departments and levels).
In our system, however, there are a few more, in order to organize everyone's rights to a certain resource. For this scenario we will use as an example the access to information located on a file server.
1. Let's create 3 OUs with the department names (one for each of the 3 departments) on the domain controller, and in each OU create 3 more OUs, one for each level.
2. On the file server we have three folders with the names of the units (optional). Each folder can be given rights for reading, writing and execution. For example, if we set rights on the folder "warehouse" for reading, writing and execution by the warehouse department, then we grant these rights to the members of the warehouse OU. Meanwhile, we give the sales OU read-only rights, because its members do not need to change the information there, nor is it their job.
3. Since you have taken away the rights to install additional software on the computers, you avoid (to a large extent) the problems that malicious software can cause. Here we should mention that administrators can install software not only when working on the local computer, but also remotely.
4. Another useful application of this system is that it can standardize the settings of all computers and users at the touch of a button. In practice, the desktop of each user can be equipped with certain icons and folders according to their needs.
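Steps 1 and 2 above can be scripted. The following PowerShell is an added example, not part of the original article. It assumes the ActiveDirectory module (RSAT) on the file server, the sample domain company.int with an assumed NetBIOS name COMPANY, and a hypothetical share root D:\Shares. Because folder permissions are granted to users and security groups rather than to OUs themselves, it also assumes one security group per department (the GRP- names are hypothetical).

```powershell
# Added example. Assumes the ActiveDirectory module (RSAT) and domain admin rights.
Import-Module ActiveDirectory

$DomainDN    = 'DC=company,DC=int'     # company.int, the page's sample domain name
$NetBIOS     = 'COMPANY'               # assumed NetBIOS name of that domain
$ShareRoot   = 'D:\Shares'             # hypothetical folder on the file server
$Departments = 'Management', 'Warehouse', 'Sales'
$Levels      = 'Head of Department', 'Department Coordinator', 'Executives'

# Step 1: one OU per department, each holding one child OU per level.
foreach ($dept in $Departments) {
    New-ADOrganizationalUnit -Name $dept -Path $DomainDN
    $deptDN = "OU=$dept,$DomainDN"
    foreach ($level in $Levels) {
        New-ADOrganizationalUnit -Name $level -Path $deptDN
    }
    # ACLs take users and security groups, not OUs, so each department
    # gets a security group (hypothetical GRP- naming) for its members.
    New-ADGroup -Name "GRP-$dept" -GroupScope Global -GroupCategory Security -Path $deptDN
}

function Set-DepartmentAcl {
    param([string]$Folder, [hashtable]$Grants)   # identity -> FileSystemRights
    $acl = Get-Acl -Path $Folder
    # Stop inheriting from the parent folder and discard inherited entries,
    # so that access is decided by explicit entries only.
    $acl.SetAccessRuleProtection($true, $false)
    $all = @{ 'BUILTIN\Administrators' = 'FullControl'; 'NT AUTHORITY\SYSTEM' = 'FullControl' } + $Grants
    foreach ($identity in $all.Keys) {
        $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
            $identity,
            [System.Security.AccessControl.FileSystemRights]$all[$identity],
            [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit',
            [System.Security.AccessControl.PropagationFlags]::None,
            [System.Security.AccessControl.AccessControlType]::Allow)
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $Folder -AclObject $acl
}

# Step 2: one folder per department; warehouse staff can read, write and
# execute in "Warehouse", sales staff can only read there.
foreach ($dept in $Departments) {
    New-Item -ItemType Directory -Path (Join-Path $ShareRoot $dept) -Force | Out-Null
}
Set-DepartmentAcl -Folder (Join-Path $ShareRoot 'Warehouse') -Grants @{
    "$NetBIOS\GRP-Warehouse" = 'ReadAndExecute, Write'
    "$NetBIOS\GRP-Sales"     = 'Read'
}
```

Running `(Get-Acl D:\Shares\Warehouse).Access` afterwards lists the resulting entries, which is a quick way to confirm that no inherited rule still grants wider access than intended.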
Ultimately, we could list countless applications of this system; it all depends on needs and purposes.
What is a domain? A domain is a part of the hierarchical space of a network that has its own unique name (domain name). As private domain names we can use company.int, company.bul, etc.