According to Microsoft:

​

A directory is a hierarchical structure that stores information about objects on the network. A directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators. For example, AD DS stores information about user accounts, such as names, passwords, phone numbers, and so on, and enables other authorized users on the same network to access this information.

Active Directory stores information about objects on the network and makes this information easy for administrators and users to find and use. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information.

This data store, also known as the directory, contains information about Active Directory objects. These objects typically include shared resources such as servers, volumes, printers, and the network user and computer accounts. For more information about the Active Directory data store, see Directory data store.

Security is integrated with Active Directory through logon authentication and access control to objects in the directory. With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. Policy-based administration eases the management of even the most complex network. For more information about Active Directory security, see Security overview.

​

​

Advantages and Benefits of Active Directory 

 

The Top 3 major benefits of Active Directory Domain Services are:

​

centralizes Resource and Security Administration

​

This is the main benefits of Active Directory. Active Directory provides a single point from which administrators can manage and secure network resources and their associated security objects. An organization can administer Active Directory based on an organizational model, a business model, or the types of functions being administered.

For example, an organization could choose to administer Active Directory by logically dividing the users according to the departments in which they work, their geographical location, or a combination of these characteristics.

Active Directory can streamline the security management of all network resources and extend interoperability with a wide range of applications and devices. When Active Directory is implemented and secured properly, it allows the administer to effective implement a company’s policy and procedures for cyber security, network services, and resources at a detailed level.

​

Provides a Single Point of Access to Resources

​

Active Directory provides a single point of management for network resources. Active Directory uses a single sign-on to allow access to network resources located on any server within the domain.

The user is identified and authenticated by Active Directory once. After this process is complete, the user signs on once to access the network resources that are authorized for, according to his or her assigned roles and privileges within Active Directory.

​

Simplifies Resource Location 

​

Active Directory simplifies resource location by allowing files and print resources to be published on the network. Publishing an object allows users to securely access network resources by searching the Active Directory database for the desired resource.

This search can be based on the resource’s name, description, or location. For example, a shared folder can be found by clicking the appropriate search button using Network in Windows 10 or Microsoft Windows Server 2012.

A user can configure the search scope. The shared folder name and keyword do not need to be search criteria. Providing more search information creates more specific results. For example, if you have configured the word “accounting” as a keyword for 100 folders, a search for the keyword will return 100 results that a user would need to sort through to find the desired folder.

Imagine you are a user in a 10 server environment, where every server has a different set of resources that you need to do your job. If you were in this situation, identifying which server provides each resource would not be an easy task. This is even more complicated when you have mobile users, such as an employee visiting from another site who needs to locate printers and other devices to become productive at the new site.

​