NIST's guidance for a Zero Trust Architecture

Active Directory Fundamentals

Comparison of Active Directory and Windows NT

It is at this juncture (when centralized computing and resource management was a demand that grew imperative every day) that Microsoft came up with Windows NT, which simplified and enhanced the domain-centric approach to resource management in its directory service. Soon, Microsoft enhanced NT further and introduced Active Directory, which provided everything expected of a multipurpose directory service including:

  • User and Resource management
  • Security Services
  • Centralized directory management
  • Directory enabled infrastructure
  • Directory enabled applications

To function as a multipurpose directory service, there are some core requirements that must be met. The requirements include scalability, management of active directory objects, simple and flexible security. By comparing Windows NT with Active Directory, we will be able to understand how Active Directory succeeds in functioning as a multipurpose directory service and the extent of enhancement it has upon its predecessor.

FeaturesWindows NTActive Directory
ScalabilityMaximum database size is 40 MB with a maximum of 40,000 users.Maximum database size is 16 TB with millions of objects per forest.
Schema ExtensibilityDoes not support the addition of new objectsSchema is fully extensible
Access methodologiesSupports Microsoft APISupports LDAP based access to objects. LDAP is the standard protocol used by directories.
ReplicationSingle master replicationMultimaster replication across the domain controllers
AdministrationPer-domain basisAdministration boundaries can vary from the entire forest level to individual attribute level of an object
Name ResolutionNetBIOS is usedDNS is used
Trust relationshipSimple trust relationship.Transitive trust relationship.
Eg. If domain A trusts Domain B and if Domain B trusts Domain C, there is no automatic trust created between Domains A and CEg. If domain A trusts Domain B and if Domain B trusts Domain C, there is automatic trust created between Domains A and C

Most importantly, the growth of Active Directory over Windows NT is obvious because of its capability to satisfy the requirements to function as a multipurpose directory service.

Related posts
Active Directory Fundamentals

Creating objects in active directory

Active Directory Fundamentals

Understanding Active Directory Objects

Active Directory Fundamentals

Active Directory Objects List

Active Directory Fundamentals

Framework of Active Directory

Leave a Reply

Your email address will not be published. Required fields are marked *