Active Directory (AD) is a Microsoft technology used to manage different devices on a network. It is a principal feature of Windows Server, an operating system that runs both local and Internet-based servers.
Active Directory enables network administrators to create and manage domains, users, and objects inside a network. For example, an admin can create a group of users and give them certain access rights to certain directories on the server. As a network grows in size, Active Directory provides a method to arrange a large number of users into logical groups and subgroups, while providing access control at each level.
The Active Directory structure includes three main levels: 1) domains, 2) trees, and 3) forests. Several objects (users or devices) that all use the same database may be assembled into a single domain. Multiple domains can be merged into a single group called a tree. Multiple trees may be merged into a collection called a forest. Each of these levels can be assigned certain access rights and communication privileges.
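
The group-and-directory example and the forest/domain hierarchy described above, as an added PowerShell sketch that is not part of the original page. It assumes the ActiveDirectory module (RSAT) is installed; the OU, group name, user names and folder path are hypothetical values chosen for illustration.

```powershell
# Requires the ActiveDirectory module and rights to create objects in the target OU.
Import-Module ActiveDirectory

# --- Assumed values, for illustration only ---
$OuPath    = 'OU=Groups,DC=corp,DC=example'   # hypothetical OU
$GroupName = 'Finance-Share-RW'               # hypothetical security group
$Members   = 'alice', 'bob'                   # hypothetical sAMAccountNames
$Folder    = 'D:\Shares\Finance'              # hypothetical directory on the server

# 1. Show where the current domain sits in the hierarchy (forest -> domains).
$forest = Get-ADForest
$domain = Get-ADDomain
"Forest: $($forest.Name)  Root domain: $($forest.RootDomain)"
"Domains in forest: $($forest.Domains -join ', ')"
"Current domain: $($domain.DNSRoot)  Parent domain: $($domain.ParentDomain)"

# 2. Create a security group and add the users to it.
#    Granting rights to a group rather than to individual accounts keeps
#    access reviewable: membership is the single place to audit.
New-ADGroup -Name $GroupName -SamAccountName $GroupName `
    -GroupScope DomainLocal -GroupCategory Security -Path $OuPath `
    -Description 'Read/write access to the Finance share'
Add-ADGroupMember -Identity $GroupName -Members $Members

# 3. Grant the group Modify (not FullControl) on the directory, inherited
#    by subfolders and files. Modify excludes changing permissions or ownership.
$acl  = Get-Acl -Path $Folder
$rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
    "$($domain.NetBIOSName)\$GroupName",
    'Modify',
    'ContainerInherit,ObjectInherit',
    'None',
    'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $Folder -AclObject $acl

# 4. Verify: list the group's members and the access entry that was just added.
Get-ADGroupMember -Identity $GroupName | Select-Object Name, SamAccountName
(Get-Acl -Path $Folder).Access |
    Where-Object IdentityReference -like "*\$GroupName" |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited
```

Step 4 is the check to repeat during access reviews: the folder's ACL should list the group, and the group's membership should match the people who still need the access.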