Role of Active Directory in an Enterprise

Active Directory in Windows 2000 is a network directory service. Administrators use Active Directory to define, arrange, and manage objects, such as user data, printers, and servers, so that they are available to users and applications throughout the organization. Objects in Active Directory are logically organized into a hierarchical structure. The objects that create the overall structural hierarchy in Active Directory are:

• Domains. This is the core unit of Active Directory. A domain is a container of objects that share security requirements, replication processes, and administration. Active Directory uses a multi-master replication model in which all domain controllers are equal.
• Organizational units (OUs). An OU is a container object that is used to organize objects within a domain into logical administrative groups. Within a domain, OUs form a hierarchical structure based on the organization's administrative model.

Multiple domains within a single Active Directory can create additional structure in the form of:

• Trees. A tree is a hierarchical arrangement of one or more domains with a single root name. Domains within a tree share a common root domain name and share information through automatic trust relationships.
• Forests. A forest is a collection of one or more trees. Multiple trees within a forest do not share a common root domain name, but share information through automatic trust relationships. Multiple forests can share information only through explicit trusts.