Microsoft’s Active Directory Security Feature
Active Directory is the terminology that associates with Microsoft servers and desktops. It originated and developed in 1996 and was the first to be implemented in a Windows 2000 machine. In short, active directory hierarchical directory structure which was used to store information and data that is related to Networks and Domains.
Some of the new security features supported by Active Directory that includes atomic permissions, extended right sets that supports groups of many attributes and ACL inheritance. Permissions can be inherited which is also known as Inherited Permission that can be found from Active Directory’s Access Control. Child object can be applicable when a Access Control List (ACL) is set on a parent object. Inherited Permission functionality is very useful as there are many in understanding exactly whereby Microsoft implemented this feature in Active Directories. Active Directory’s permissions is not dynamic and is based on static inheritance, in static inheritance, ACL copied each and every child object whereas dynamic inheritance does not copied all the changes that is made to the objects.
Some of the best practices of Active Directory Security are that it uses forwarders instead of secondary ones, by doing so it ensures that the Domain Controllers are highly restricted, stabilized password policies, account lockout, regular monitoring and maintain revised.
References:
Hello Bee Ying, your post research on Active Directory was good and information was sufficient. Your layout of the blog is also good as it looks very neat and organized.
ReplyDeleteYour post relates to Active directory and its educational and understandable in regards to Active Directory as it clearly explains the security features.
Maybe you can insert images to better facilitate readers to understand what Active Directory is.
Your post benefits readers as it helps them to gain more knowledge with regard to Active Directory security.