Active Directory is a system which offers centralized control of your computers. This video looks at what Active Directory is and why you would use it. The video explains the difference between a workgroup and a domain so you can better understand when you would want to deploy Active Directory.
Terminology used in the video
A workgroup is a network setup in which each computer on the network keeps its own store of user names and passwords. In order to access another computer on the network, you need to know a username and password on that computer. This does not scale well. The user will be prompted for a username and password when he or she accesses another computer when the passwords are not in sync.
Available only in a pure Windows 7 network. HomeGroup provides a simple way to share files and printers in a network. HomeGroup allows Windows 7 computers to be grouped together to share each other’s resources using just one centralized password.
A domain is a logical group of computers that share the same Active Directory database. A domain allows you to manage a group of computers rather than one by one. This is done through the central use of usernames and passwords and the configuration of computers using group policy.
A Domain Controller is a Windows Server that has Active Directory Services roles configured on it by using a process called promotion. The Domain Controller holds a writeable copy of the Active Directory database. Each domain has at least one Domain Controller but more should be added for redundancy.
Active Directory Database
Active Directory uses a database to hold objects like users and settings. The database uses multi-master replication and thus can have multiple copies of the database stored in multiple locations around the world. Each of these copies is writeable. Active Directory automatically fixes any replication conflicts that may occur by using a last writer wins system. That is, the latest update of any object is used when there is a replication conflict.
Active Directory supports multiple domains to be linked together by using a trust. Each domain has a separate Active Directory database but resources can be shared between the different domains.