Active Directory Domain Services
Active Directory Domain Services (AD DS),
formerly known as Active Directory Directory Services, is the central
location for configuration information, authentication requests, and
information about all of the objects that are stored within your forest.
Using Active Directory, you can efficiently manage users, computers,
groups, printers, applications, and other directory-enabled objects from
one secure, centralized location.
Benefits
- Lower costs of managing Windows networks.
- Simplify identity management by providing a single view of all user information.
- Boost security with the ability to enable multiple types of security mechanisms within a single network.
- Improve compliance by using Active Directory as a primary source for audit data.
Active Directory Rights Management Services
Your organization’s intellectual property
needs to be safe and highly secure. Active Directory Rights Management
Services, a component of Windows Server 2008, is available to help make
sure that only those individuals who need to view a file can do so. AD
RMS can protect a file by identifying the rights that a user has to the
file. Rights can be configured to allow a user to open, modify, print,
forward, or take other actions with the rights-managed information. With
AD RMS, you can now safeguard data when it is distributed outside of
your network.
Active Directory Federation Services
Active Directory Federation Services is a
highly secure, highly extensible, and Internet-scalable identity access
solution that allows organizations to authenticate users from partner
organizations. Using AD FS in Windows Server 2008, you can simply and
very securely grant external users access to your organization’s domain
resources. AD FS can also simplify integration between untrusted
resources and domain resources within your own organization.
Active Directory Certificate Services
Most organizations use certificates to
prove the identity of users or computers, as well as to encrypt data
during transmission across unsecured network connections. Active
Directory Certificate Services (AD CS) enhances security by binding the
identity of a person, device, or service to their own private key.
Storing the certificate and private key within Active Directory helps
securely protect the identity, and Active Directory becomes the
centralized location for retrieving the appropriate information when an
application places a request.
Active Directory Lightweight Directory Services
Active Directory Lightweight Directory
Service (AD LDS), formerly known as Active Directory Application Mode,
can be used to provide directory services for directory-enabled
applications. Instead of using your organization’s AD DS database to
store the directory-enabled application data, AD LDS can be used to
store the data. AD LDS can be used in conjunction with AD DS so that you
can have a central location for security accounts (AD DS) and another
location to support the application configuration and directory data (AD
LDS). Using AD LDS, you can reduce the overhead associated with Active
Directory replication, you do not have to extend the Active Directory
schema to support the application, and you can partition the directory
structure so that the AD LDS service is only deployed to the servers
that need to support the directory-enabled application.
