Active Directory
What is Active Directory?
Active Directory: Microsoft's enterprise directory service for Windows networks, providing centralized authentication, authorization, and policy management for users, computers, and resources.
Active Directory (AD) stores identity information in a hierarchical, replicated database hosted on domain controllers and exposed via LDAP, while authentication is handled primarily through Kerberos and, for legacy clients, NTLM. Administrators define forests, domains, organizational units, and Group Policy Objects to apply consistent configuration and security baselines across thousands of machines. AD is the backbone of most enterprise environments, which makes it a high-value target: attackers rely on techniques such as Kerberoasting, AS-REP roasting, DCSync, and Golden Tickets, and on BloodHound-mapped paths to Domain Admin. Modern hardening combines tiered administration, dedicated Privileged Access Workstations (PAWs), LAPS, AD audit logging, and integration with Entra ID for hybrid identity and Conditional Access.
● Examples
- A Windows workstation joining a corporate domain controller during onboarding.
- A Group Policy that enforces BitLocker drive encryption on all domain-joined laptops.
● Frequently asked questions
What is Active Directory?
Microsoft's enterprise directory service for Windows networks, providing centralized authentication, authorization, and policy management for users, computers, and resources. It belongs to the Identity & Access category of cybersecurity.
How do you defend Active Directory?
Defences for Active Directory typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Active Directory?
Common alternative names include: AD, AD DS, Active Directory Domain Services.