<aside> 📌 Summary
</aside>
Active Directory (AD) is a Microsoft service that manages network resources, providing a centralized directory for user authentication and authorization. It allows users to log in, access resources, and simplifies network administration through user and computer management, group policy application, and security settings.
We can note several physical components of an Active Directory, like the RODC (Read-Only Domain Controller) or the Global Catalogue Server. However, let us focus on the most important ones :
Domain controller - DC
The domain controller is the server that governs the Active Directory. It is a server in charge of authentication and authorization, as well as providing administrative access to the users.
Active Directory Domain Service Data Store - ADDS Data Store
Often merged with the Domain Controller, the ADDS is the server that stores all the information about the Active Directory. Note that inside it is the ntds.dit file will be very important.
An Active Directory is composed of a Domain which is a directory that groups and maintain object as well as provides a boundary to manage them and their policies.
A domain can be constituted of subdomains like example.com would be with eu.example.com and as.example.com. Those are called Trees.
When we end with several domains with common schema or information, we can create Forest to share them as well as users or computers etc. While it exists, it should not be an important nor common encounter for junior pentester.
We can think of the ADDS Schema as the blueprint defining how will be every object in the Active Directory.
Class Objects
A class object is an object that can be created in the directory, among which we count the users or the computers.
Attribute Objects
An attribute object is information attached to another object, like, for instance, a display name.