Chapter 4

Working with Active Directory


Bullet Learning Active Directory basics

Bullet Configuring Active Directory objects in Windows Server 2019

Most system administrators have worked with or will at some point in their careers work with Active Directory. Most become familiar with Active Directory Users and Computers, because they use it in their daily work. But that’s such a small part of what Active Directory contains.

In this chapter, I fill you in on what Active Directory is, what it does, and what the different components in Active Directory are.

Active Directory 101

Active Directory is a directory service. It’s used to store user accounts, computer accounts, group policies, and all kinds of records.

An Active Directory forest is the top level in the hierarchy. Each forest serves as a security boundary and is created by default with a root domain. Other domains can be created within the forest, though they must share the same namespace as the forest (this namespace matches the underlying DNS zones). For instance, if your forest’s namespace is, the domains in that forest can be things like or

Domains are the next tier down from forests in the Active Directory hierarchy. Active Directory domains are a collection ...

Get Windows Server 2019 & PowerShell All-in-One For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.