Windows Server 2008’s Retooled Active Directory Services
Active Directory (AD) has been around since Windows 2000 and has changed the way that many administrators think about and actually manage domain environments. Microsoft has upped the ante again for the Windows Server 2008 version of AD. This tip will look at some of the newly reshaped services for Active Directory included with Windows Server 2008.
The 2008 release of AD has allowed Microsoft to configure more server side items to function as a part of the directory service. Active Directory for Windows Server 2008 includes the following services:
- Active Directory Certificate Services (AD CS) – provides functionality within AD to manage the issuing and revocation of certificates for users, client computers, and servers.
- Active Directory Domain Services (AD DS) – provides essential services for domain creation and data storage within the directory service. This service is the core of Active Directory and has been retooled for Windows Server 2008.
- Active Directory Federation Services (AD FS) – compliments domain services by allowing web clients to authenticate internally hosted web applications using the credentials authenticated by Active Directory. This will allow web applications to make use of Active Directory logons rather than requiring users to authenticate separately to access web services.
- Active Directory Lightweight Directory Services (AD LDS) – provides a data store for Active Directory enabled applications that do not require installation on a Domain Controller. AD LDS does not run as a service and will operate in both domain and workgroup environments. All applications that run on a server can make use of their own data store if necessary.
- Active Directory Rights Management Services (AD RMS) – allows data to be protected inside and outside of the enterprise. Email messages, internet content, and internal documents can be protected against unauthorized access. AD RMS uses a certificate to verify the user, computer, or service should be able to access the resource. When AD RMS trusts a resource, users can assign rights to information.
The newly integrated services have existed in previous versions of Windows as individual server components, however in Windows Server 2008 the functionalities have been Active Directory Integrated for simplified management and control.
