The Guide
Explain It Like I'm 5Active Directory

AD Object

What are they?

What Is An AD Object?

An active directory object can be either of the following:

Identity Objects

  • User
  • Machine (Computer)
  • Printer -> Used for computers to find all available printers easily
  • Shared Folders -> Same as printer object

Container Objects

Objects that contain other objects within them

  • Organizational Units (OUs) -> Used for easier searchability and GPO management
  • Group -> This is split to 2 types of groups:
    1. Security Groups -> Used to assign permissions
    2. Distribution Groups -> Allows sending emails to a group of people in Exchange
  • Domains -> Will contain every domain that is trusted by the current domain (along with subdomains)

Administrative Objects

  • Domain Controller -> A server that has the role of managing the AD environment
  • Sites -> Each site contains a list of domain controllers available to specific networks
    Used mainly to lower latency and reduce load on each DC
  • GPOs (Group policy objects) -> A set of managed settings that enforce specific restrictions on specified computers / OUs / groups
  • gMSA (Group Managed Service Account) -> A service account that is managed by the active directory environment and only specified (managed by admins) computers can access the account password

organizational unit (OU), printers, shared folders,

Which Types Of Objects Are There?

What's The Difference Between Them?

Why Do We Even Need It?

Object Attributes

What is it? How does it help us?

Authentication Protocols

What's an authentication protocol?

On this page

What Is An AD Object?Identity ObjectsContainer ObjectsAdministrative ObjectsWhich Types Of Objects Are There?What's The Difference Between Them?Why Do We Even Need It?