📖 What is Active Directory?
Active Directory is Microsoft’s directory service that manages users, computers, and other network resources in a Windows domain environment. It centralizes authentication, authorization, and policy enforcement, simplifying administration and enhancing security across the network.
"The A+ exam focuses on practical implications: joining a computer to a domain, understanding the difference between local and domain accounts, and recognizing the role of Active Directory in centralized management. Do not expect in-depth schema or replication questions."
📚 Certification: CompTIA A+ Certification Exam Core 2 (220-1102)
🔑 What are the Key Concepts of Active Directory?
- ▸ Domain join is a core function, allowing computers to be centrally managed and inherit policies from the Active Directory domain controllers.
- ▸ User accounts in Active Directory can be local to a machine or domain-based, with domain accounts offering centralized authentication and permissions.
- ▸ Group Policy is a powerful feature enabling administrators to enforce configurations and settings across all computers and users in the domain.
- ▸ Active Directory relies on Domain Controllers (DCs) to store directory data and authenticate users; DCs replicate data for redundancy.
- ▸ Understanding the difference between a workgroup and a domain is crucial; workgroups are decentralized, while domains are centrally managed.
🎯 How does Active Directory appear on the 220-1102 Exam?
You may be asked to identify the steps required to add a new computer to an existing Active Directory domain, including providing credentials and rebooting.
A scenario might describe a user unable to log in; determine if the issue is related to domain connectivity, incorrect credentials, or account lockout.
Expect questions about the benefits of using Active Directory versus standalone (local) user accounts, focusing on centralized management and security.
❓ Frequently Asked Questions
What happens if a Domain Controller goes offline?
Active Directory is designed for redundancy. Other DCs will continue to authenticate users and provide services, though replication delays may occur until the failed DC is restored.
How does Active Directory relate to user permissions?
Active Directory manages user accounts and groups, and assigns permissions to resources (files, folders, printers) based on group membership or individual user rights.
Can a computer be a member of both a domain and a workgroup?
No, a computer can only be a member of one or the other. Joining a domain requires leaving any existing workgroup, and vice-versa, to establish trust and policy enforcement.