Identity & Access · Beginner

Active Directory

Active Directory is Microsoft's on-premises directory service. It stores user, group, and computer objects and authenticates and authorizes them inside a Windows domain.

Request a Demo Browse Team Training

For IT leaders

Most enterprises still depend on Active Directory; tiering, hardening, and recovery readiness directly determine ransomware blast radius.

Why IT teams care

Where this shows up at the team level

AD is still the source of truth for many enterprises even with Entra ID in front of it.
Tier 0 hardening, privileged access workstations, and AD recovery are recurring engagements.
Hybrid identity with Entra Connect requires steady operational care.

In production

Where teams encounter it

Domain controllers running AD DS in on-prem and hybrid environments
Group Policy applied to users and computers
Hybrid-identity sync to Microsoft Entra (Azure AD)

How it works

How Active Directory actually works

01Domain controllers host the AD database, replicate it among themselves, and authenticate users and computers.
02Objects (users, groups, computers, OUs) are organized in a hierarchy that mirrors how the organization manages them.
03Permissions on resources are checked against group memberships in AD using Kerberos and NTLM.
04Group Policy delivers configuration to domain-joined machines based on user and computer location in the OU tree.

In practice

Common team use cases

Single sign-on inside the corporate network for Windows resources
Centralized configuration of Windows endpoints via Group Policy
Hybrid identity feeding cloud apps via Entra ID

Build the capability

Each link routes to a hub that goes deeper than this definition.

Related concepts

Close the team gap

Turn this concept into team capability

CBT Nuggets builds expert-led team training that closes the gaps definitions only describe. Talk to sales about a plan that fits your team.

Request a Demo See team pricing