How Active Directory works

Active Directory is Microsoft’s implementation of a Directory Service. A Directory is similar to a database, but typically contains more descriptive, attribute-based data; that is, data read more often than it is written. A Directory Service is a network service that identifies all resources on a network and makes them accessible to users and applications. Resources include e-mail addresses, computers, and peripheral devices such as printers.

Active Directory uses LDAP for Authorization and Kerberos for Authentication.

LDAP, or Lightweight Directory Access Protocol, is an open, vendor-neutral, industry-standard protocol for accessing Directory services in order to retrieve or write data. In simpler terms, LDAP is an application protocol that queries or modifies specified information from the Active Directory’s global catalog.
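To make the idea of an LDAP query concrete, here is an added example (not from the original post) that parses a simplified subset of LDAP search-filter syntax and evaluates it against a small in-memory directory. The entries, the `DIRECTORY` list and the function names are constructed for illustration; substring matching and escape sequences are not handled, and a real query would be sent over LDAP to a domain controller.

```python
# Constructed sample entries (all names made up), each described by attributes.
DIRECTORY = [
    {"cn": "Alice Example", "objectClass": "user", "mail": "alice@corp.example"},
    {"cn": "Bob Example", "objectClass": "user"},
    {"cn": "WS-0042", "objectClass": "computer", "operatingSystem": "Windows 10"},
    {"cn": "Floor2-Laser", "objectClass": "printer", "location": "Floor 2"},
]

def parse_filter(text, pos=0):
    """Parse one parenthesised filter at text[pos]; return (node, next_pos)."""
    if text[pos] != "(":
        raise ValueError(f"expected '(' at offset {pos}")
    pos += 1
    if text[pos] in "&|!":                      # AND / OR / NOT of sub-filters
        op, pos, children = text[pos], pos + 1, []
        while text[pos] == "(":
            child, pos = parse_filter(text, pos)
            children.append(child)
        if text[pos] != ")" or not children or (op == "!" and len(children) != 1):
            raise ValueError(f"malformed '{op}' filter")
        return (op, children), pos + 1
    end = text.index(")", pos)                  # ValueError if never closed
    attr, sep, value = text[pos:end].partition("=")
    if not (attr and sep and value):
        raise ValueError("expected attr=value")
    return ("=", attr.lower(), value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (a dict of attributes)."""
    if node[0] == "&":
        return all(matches(c, entry) for c in node[1])
    if node[0] == "|":
        return any(matches(c, entry) for c in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    actual = {k.lower(): v for k, v in entry.items()}.get(node[1])
    if actual is None:                          # attribute absent: no match
        return False
    # "*" is a presence test; otherwise compare case-insensitively
    return node[2] == "*" or actual.lower() == node[2].lower()

def search(filter_text):
    """Return the cn of every constructed entry matching filter_text."""
    try:
        node, pos = parse_filter(filter_text)
    except IndexError:
        raise ValueError("unbalanced filter") from None
    if pos != len(filter_text):
        raise ValueError("trailing characters after filter")
    return [e["cn"] for e in DIRECTORY if matches(node, e)]
```

For instance, `search("(&(objectClass=user)(mail=*))")` returns only the user entry that has a `mail` attribute.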

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. It works on the basis of ‘tickets’ to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

Active Directory port requirements

How Kerberos Works


