03 - Object in Active Directory PDF
The basic element of Active Directory in Microsoft Windows 2000 that represents
something on the network, such as a user, a group, a computer, an application, a printer,
or a shared folder.
How It Works
Objects have attributes that define and describe them. For example, the attributes of a
user object might include the user’s name, e-mail address, and phone number. All
objects of the same type or class have the same set of attributes, but they are
distinguished from each other by having different values for at least one of these
attributes. Some attributes are required to have values (such as the First Name
attribute of a user object), while other attributes can be optional (such as Telephone
Number).
You can group objects by placing them into container objects (containers) such as the
following:
Domains:
The fundamental units of Active Directory that share common administration,
security, and replication requirements. Domains can also be grouped into domain
trees and forests to reflect the administrative structure of an enterprise.
Access to an object in Active Directory is based on the object’s discretionary access
control lists (DACLs), which list the users and groups authorized to access the object
and their access levels. You can group objects with similar security requirements into
OUs to simplify assignment of permissions to the objects and to facilitate
administration and control of network resources. You can assign permissions to
objects by using Active Directory Users and Computers, a snap-in for Microsoft
Management Console (MMC).
Distinguished names:
Analogous to absolute paths of objects within a file system. The distinguished
name of an object specifies complete information about the object’s location
within Active Directory and includes the domain name, names of OUs that it
belongs to, and the name of the object itself. Each object in Active Directory must
have a unique distinguished name.
Group objects:
Collections of user accounts, computers, or other groups created for
organizational purposes or for assigning permissions to shared resources.
Computers:
Represent machines that belong to the domain.
Shared folders:
Pointers to shared folders on a server on the network. If you create a shared folder
on a computer running Windows 2000, an associated shared folder object is
automatically created in Active Directory.
Printers:
Pointers to printers on the network. If you create a network printer on a machine
running Windows 2000, an associated printer object is automatically created in
Active Directory.
OUs:
Containers for organizing other objects in a hierarchical fashion.
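The distinguished name entry above says a DN carries the domain name, the OUs and the object's own name. The following is an added example, not part of the original page: a Python sketch that pulls those three parts out of a DN and checks whether an object sits under a given container. The function names and sample DNs are constructed for illustration, and multi-valued RDNs (joined with "+") are assumed not to occur.

```python
import re

def split_rdns(dn):
    """Split a DN into its RDN strings on unescaped commas only."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf))
    return parts

def unescape(value):
    """Undo \\<char> and \\XX escapes (hex pairs treated as single ASCII bytes)."""
    def repl(m):
        tok = m.group(1)
        return chr(int(tok, 16)) if len(tok) == 2 else tok
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def parse_dn(dn):
    """Return the object name, its OUs (nearest first) and the DNS domain name."""
    rdns = []
    for rdn in split_rdns(dn):
        attr, sep, value = rdn.partition("=")
        if not (attr and sep and value):
            raise ValueError(f"malformed RDN: {rdn!r}")
        rdns.append((attr.upper(), unescape(value)))
    return {
        "name": rdns[0][1],
        "ous": [v for a, v in rdns[1:] if a == "OU"],
        "domain": ".".join(v for a, v in rdns if a == "DC"),
    }

def is_under(dn, container_dn):
    """True if dn lies below container_dn, compared RDN by RDN (case-insensitive)."""
    child = [r.lower() for r in split_rdns(dn)]
    base = [r.lower() for r in split_rdns(container_dn)]
    return len(child) > len(base) and child[-len(base):] == base

# Constructed sample DNs (not from the page).
SAMPLE = r"CN=Smith\, John,OU=Sales,OU=Staff,DC=example,DC=com"
TRICKY = r"CN=x\,OU=Sales,DC=example,DC=com"   # the CN value contains ",OU=Sales"
```

A plain string suffix test would place TRICKY inside OU=Sales, while the RDN-by-RDN comparison shows it sits directly under the domain; that difference matters when permissions are assigned by OU.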