Active Directory Overview


Recently, I’ve been learning more about Active Directory and how it is used in today’s modern networks. This article attempts to provide a general overview of Active Directory basics and utilizes the TryHackMe room titled “Active Directory Basics”, created by the user Cryillic, to get some hands-on experience with the service.

What is Active Directory?

Active Directory is a directory service developed by Microsoft to manage Windows domain networks and is used to store information about network objects. The purpose of a directory service is to describe how network objects can be organized within an IT network, so as to allow IT administrators to control user access to these network resources. If a user wants to access a network resource, the directory service will require the user to authenticate their identity against the directory’s user database with a username and password. If the username and password are valid, the user can access that resource.

Figure: Directory Service. (https://miro.medium.com/max/700/1*vfwm0g9E5RqNTSZC4kU3xw.png)

How does Active Directory Work?

Active Directory is composed of a database and a set of services that connect users with network resources. The services control the activity that occurs in the network environment, and the database contains information about the network objects. The main Active Directory service is Active Directory Domain Services (AD DS). Microsoft provides the following description for AD DS:

A directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators. For example, AD DS stores information about user accounts, such as names, passwords, phone numbers, and so on, and enables other authorized users on the same network to access this information.

Any Windows server that has the AD DS server role installed is called a Domain Controller (DC). Organizations can have multiple DCs, which are at the center of Active Directory and control the rest of the domain.

Figure: Domain Controller (DC). (https://miro.medium.com/max/700/1*KiKfagcC-i20SDuh3NlXKg.png)

The AD DS Store database (directory) contains information about the AD objects (e.g. users, computers, applications, printers, shared folders) in the domain and is only accessible through the domain controller processes and protocols. It consists of the Ntds.dit file, a database that contains all of the information of an Active Directory DC as well as password hashes for domain users.

Figure: AD DS Store Data Directory. (https://miro.medium.com/max/700/1*IIQKKDvHNg_7npna6D96jA.png)
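Because Ntds.dit holds the password hashes for the whole domain, it helps to know exactly which servers are DCs and who can read that file on each one. The following PowerShell audit is an added example, not part of the original article or the TryHackMe room; it assumes the ActiveDirectory module (RSAT) is installed, an English-language Windows installation, and an allow-list of expected principals chosen for this example only.

```powershell
# Added example (not from the original article). Assumes the ActiveDirectory
# module (RSAT) is installed and the session is authenticated to the domain.
Import-Module ActiveDirectory

# 1. Every server with the AD DS role is a DC; list them all.
$dcs = @(Get-ADDomainController -Filter *)
$dcs |
    Select-Object HostName, Site, IPv4Address, IsGlobalCatalog, IsReadOnly, OperatingSystem |
    Format-Table -AutoSize

# 2. When run on a DC in an elevated session, locate Ntds.dit and review its ACL.
#    The NTDS service parameters key only exists on domain controllers.
$ntdsKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
if (Test-Path $ntdsKey) {
    $dbPath = (Get-ItemProperty -Path $ntdsKey).'DSA Database file'
    Write-Host "AD DS database: $dbPath"

    # Assumed baseline for this example: only SYSTEM and Administrators.
    # Identity names are the English ones; adjust for localized systems.
    $expected = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators'

    (Get-Acl -Path $dbPath).Access | ForEach-Object {
        [pscustomobject]@{
            Identity = $_.IdentityReference.Value
            Rights   = $_.FileSystemRights
            Type     = $_.AccessControlType
            # True marks an entry outside the assumed baseline.
            Review   = $_.IdentityReference.Value -notin $expected
        }
    } | Format-Table -AutoSize
} else {
    Write-Host 'Not a domain controller: no NTDS service parameters on this host.'
}
```

Step 1 works from any domain-joined machine; step 2 only reports on the host it runs on, so repeat it on each DC listed in step 1.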

When a DC is created, it comes with default **groups** and two default users (i.e. Administrator and Guest). Which other users and groups exist inside an Active Directory domain is up to the administrator. The four main types of users you’ll find in an Active Directory network include: