Active Directory
With the introduction of Windows 2000, Microsoft introduced Active Directory.
Active Directory can be described as a hierarchical directory system, broadly
similar in concept to Novell's Directory Services or the X.500 directory system.
Among the uses of Active Directory is management of resources in a CIFS
network; facilities such as the traditional browser service can be "replaced"
by Active Directory. Because Active Directory has a significant impact upon
CIFS networking, a brief overview is presented here. A full description
is beyond the scope of this documentation; there are many excellent references
on Active Directory.
As described above, Active Directory (AD) implements a "tree structure" of objects
that is broadly analogous to other directory systems that use "X.500" type
technology. Indeed, Active Directory is implemented using other standard
directory technologies. In particular AD makes use of the Domain Name System
(DNS) to establish an overall hierarchical tree structure. The Lightweight
Directory Access Protocol (LDAP) directory system is also used to provide
further granularity and provide facilities not available in the DNS.
Traditional NT Domain technology is also used and provides backwards compatibility.
In order to use AD, the TCP/IP v4 protocol must be configured (both DNS and LDAP run over TCP/IP). While the Browser service also ran over IPX/SPX and the NetBIOS Frames Protocol (otherwise known as NBF or NetBEUI), this is not the case with AD.
Microsoft has produced a Knowledge Base Article that provides a list of Windows 2000
Domain Controller Default Ports. This provides an insight into the protocols used with Active
Directory.
The Knowledge Base Article is Q289241 and can be found at
http://support.microsoft.com/default.aspx?scid=kb;en-us;289241
Domain Name System (DNS)
Active Directory requires a DNS infrastructure to be in place. AD
requires that the DNS support dynamic updates, but otherwise uses the standard DNS. Thus
in order to understand the impact of Active Directory on a network, it is
necessary to understand the impact of DNS.
Some relevant RFCs are given below:
RFC 1035: "DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION"
RFC 3007: "Secure Domain Name System (DNS) Dynamic Update"
RFC 2136: "Dynamic Updates in the Domain Name System (DNS UPDATE)"
RFC 2782: "A DNS RR for specifying the location of services (DNS SRV)"
Lightweight Directory Access Protocol (LDAP)
Active Directory uses Lightweight Directory Access Protocol (LDAP) to
provide additional granularity to the "tree" structure. LDAP can be used to
create Organizational Units (OUs) within the "tree" structure.
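The relationship between the DNS tree and the LDAP tree can be made concrete: each label of the AD DNS domain name becomes a DC= component of the LDAP distinguished name, and OUs are placed in front of those components. The following is an added example, not part of the original documentation; the function names are hypothetical, and values are escaped as required by RFC 4514 so that an OU name containing a comma cannot change the structure of the name.

```python
# Added example (not from the original page); all function names are hypothetical.
# Characters RFC 4514 requires to be backslash-escaped inside an RDN value.
_SPECIAL = set('"+,;<>\\')


def escape_rdn_value(value):
    """Escape one attribute value so it cannot alter the DN structure."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in _SPECIAL or (i == 0 and ch in "# ") or (i == last and ch == " "):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)


def domain_to_dn(dns_domain, ou_path=()):
    """Build a DN; ou_path is ordered outermost OU first."""
    labels = [label for label in dns_domain.strip(".").split(".") if label]
    if not labels:
        raise ValueError("empty DNS domain")
    rdns = [f"OU={escape_rdn_value(ou)}" for ou in reversed(ou_path)]
    rdns += [f"DC={escape_rdn_value(label)}" for label in labels]
    return ",".join(rdns)


def split_dn(dn):
    """Split a DN into RDNs on unescaped commas only."""
    parts, cur, escaped = [], "", False
    for ch in dn:
        if escaped or ch == "\\":
            cur += ch
            escaped = not escaped and ch == "\\"
        elif ch == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += ch
    parts.append(cur)
    return parts


def dn_to_domain(dn):
    """Recover the DNS domain name from the DC components of a DN."""
    return ".".join(p[3:] for p in split_dn(dn) if p.upper().startswith("DC="))
```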
Some relevant RFCs are given below:
RFC 2256: "A Summary of the X.500(96) User Schema for use with LDAPv3"
RFC 2251: "Lightweight Directory Access Protocol (v3)"
RFC 1777: "Lightweight Directory Access Protocol" (Original definition)