ACTIVE DIRECTORY (AD) – COMPLETE GUIDE
Full Definition, Roles & Responsibilities
By Baijnath Singh
1️⃣ What is Active Directory (AD)?
Full Form:
Active Directory
Full Definition:
Active Directory is a Microsoft directory service used to manage users, computers, groups, permissions, and security policies in a Windows domain network.
Simple Words:
π AD manages users and passwords
π AD controls access to company resources
π AD provides centralized authentication
2️⃣ Why Active Directory is Used?
Active Directory is used for:
Centralized user management
Login authentication
Access control
Security policy management
Device management
Domain control
3️⃣ How Active Directory Works (Architecture)
User → Domain Controller → Authentication → Access Granted
Explanation:
1️⃣ User enters username & password
2️⃣ Domain Controller verifies credentials
3️⃣ If correct → Access allowed
4️⃣ If wrong → Access denied
4️⃣ Main Components of Active Directory
ComponentDefinitionDomainLogical group of users and computersDomain Controller (DC)Server that manages ADOU (Organizational Unit)Folder to organize users & computersGroupCollection of usersGPOGroup Policy Object for rulesForestCollection of domainsTreeGroup of domains
5️⃣ Active Directory Roles & Responsibilities (IT Administrator)
Daily Work of AD Administrator:
✔ Create new users
✔ Reset passwords
✔ Unlock user accounts
✔ Create groups
✔ Apply GPO policies
✔ Join computer to domain
✔ Remove inactive users
✔ Backup AD
✔ Monitor domain controller
✔ Manage permissions
6️⃣ User Management in Active Directory
Create User:
Steps:
Open Active Directory Users and Computers
Right click OU
Click New → User
Enter details
Set password
Important AD Commands (PowerShell)
Create user:
New-ADUser
Reset password:
Set-ADAccountPassword
Unlock user:
Unlock-ADAccount
Add user to group:
Add-ADGroupMember
7️⃣ AD Security Features
Password policy
Account lockout policy
Role-based access
Kerberos authentication
NTLM authentication
8️⃣ Types of Groups in AD
TypeUseSecurity GroupAssign permissionsDistribution GroupEmail purpose
9️⃣ Real Scenario Question (Important)
Q: User cannot login to domain. What will you check?
Answer:
✔ Check network connectivity
✔ Check DNS
✔ Check account locked
✔ Reset password
✔ Check domain controller status
π Active Directory Interview Questions & Answers
By Baijnath Singh
1️⃣ What is Active Directory (AD)?
Full Form:
Active Directory
Full Definition:
Active Directory is a Microsoft directory service used to manage users, computers, groups, permissions, and security policies in a Windows domain network.
Simple Words:
π AD manages users and passwords
π AD controls access to company resources
π AD provides centralized authentication
2️⃣ Why Active Directory is Used?
Active Directory is used for:
Centralized user management
Login authentication
Access control
Security policy management
Device management
Domain control
3️⃣ How Active Directory Works (Architecture)
User → Domain Controller → Authentication → Access Granted
Explanation:
1️⃣ User enters username & password
2️⃣ Domain Controller verifies credentials
3️⃣ If correct → Access allowed
4️⃣ If wrong → Access denied
4️⃣ Main Components of Active Directory
ComponentDefinitionDomainLogical group of users and computersDomain Controller (DC)Server that manages ADOU (Organizational Unit)Folder to organize users & computersGroupCollection of usersGPOGroup Policy Object for rulesForestCollection of domainsTreeGroup of domains
5️⃣ Active Directory Roles & Responsibilities (IT Administrator)
Daily Work of AD Administrator:
✔ Create new users
✔ Reset passwords
✔ Unlock user accounts
✔ Create groups
✔ Apply GPO policies
✔ Join computer to domain
✔ Remove inactive users
✔ Backup AD
✔ Monitor domain controller
✔ Manage permissions
6️⃣ User Management in Active Directory
Create User:
Steps:
Open Active Directory Users and Computers
Right click OU
Click New → User
Enter details
Set password
Important AD Commands (PowerShell)
Create user:
New-ADUser
Reset password:
Set-ADAccountPassword
Unlock user:
Unlock-ADAccount
Add user to group:
Add-ADGroupMember
7️⃣ AD Security Features
Password policy
Account lockout policy
Role-based access
Kerberos authentication
NTLM authentication
8️⃣ Types of Groups in AD
TypeUseSecurity GroupAssign permissionsDistribution GroupEmail purpose
9️⃣ Real Scenario Question (Important)
Q: User cannot login to domain. What will you check?
Answer:
✔ Check network connectivity
✔ Check DNS
✔ Check account locked
✔ Reset password
✔ Check domain controller status
π Active Directory Interview Questions & Answers
,%20Endpoint%20Detection%20and%20Response%20(EDR),%20and%20Extended%20Detection%20and%20Response%20(XDR).gif)
No comments:
Post a Comment