Beginner

What is Active Directory?

Active Directory is the identity backbone of most enterprises -- the single source of truth that decides who you are, what you can access, and how your computer is configured.

Active Directory (AD) is a service created by Microsoft that acts like a central directory for a company's computer network. Think of it as a master list of every person, computer, and resource in the organization. When you log in to your work computer, AD checks your username and password, confirms you are who you say you are, and then determines which files, printers, and applications you are allowed to use. Almost every large company in the world relies on Active Directory to manage its network.

Imagine a massive corporate building. The front security desk knows every employee by name, holds their photo ID, and has a list of which floors and rooms each person is allowed to enter. Active Directory is that security desk -- but for an entire computer network. It stores every user account, every computer, and every permission in one central place so the network always knows who is who and who can do what.

Key Takeaways

  1. AD is the centralized identity and access management system for Windows networks.
  2. Over 90 percent of Fortune 1000 companies use Active Directory.
  3. AD handles authentication (who you are) and authorization (what you can do).
  4. The AD database (NTDS.dit) is replicated across domain controllers.
  5. Compromising AD often means compromising the entire organization.

Why Should I Care?

Because Active Directory is the single point of trust for most enterprise networks, every attacker targets it and every defender must understand it. If AD falls, the whole network falls.

SourceSudo

Content sourced from Microsoft Documentation, MITRE ATT&CK Framework, NIST SP 800-63/171, adsecurity.org (Sean Metcalf), SpecterOps research, and SANS Reading Room. For educational purposes only.