Active Directory Diagram
Active Directory (AD) is a directory service developed by Microsoft Corporation for Windows domain networks. It is a directory management service that keeps a list (catalogue) of network objects together with information about them (object attributes). These can be user names and related information such as access rights, contact information and more. Besides simple objects such as users, Active Directory holds information about larger structural units such as domains, sites and Organizational Units (OU).
The Active Directory service gives simple and quick access to this data. For instance, if you know only one of an object's attributes, you can create a query that returns information about all Active Directory objects with that attribute, which is very convenient for big organizations.
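Such a query is written as an LDAP search filter. The sketch below is an added example, not part of the original page or of any ConceptDraw product: it builds a filter from a known attribute value and escapes the value per RFC 4515, so that text typed by a user cannot change the shape of the query. The function names and sample values are assumptions made for illustration.

```python
import re

# RFC 4515 escapes for the characters that carry meaning inside a filter.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTRIBUTE_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*")

def escape_filter_value(value):
    """Return value with every filter metacharacter replaced by its \\XX form."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)

def equality_filter(attribute, value):
    """Build (attribute=value); the attribute name is validated, the value escaped."""
    if not _ATTRIBUTE_NAME.fullmatch(attribute):
        raise ValueError(f"not a valid attribute name: {attribute!r}")
    return f"({attribute}={escape_filter_value(value)})"

def all_of(conditions):
    """AND together several attribute/value pairs given as a dict."""
    if not conditions:
        raise ValueError("at least one condition is required")
    parts = [equality_filter(name, value) for name, value in conditions.items()]
    return parts[0] if len(parts) == 1 else "(&" + "".join(parts) + ")"

if __name__ == "__main__":
    # Constructed sample values, not taken from a real directory.
    print(equality_filter("department", "Sales"))
    print(all_of({"objectClass": "user", "department": "R&D (EU)"}))
```

Without the escaping step, a value containing `*` or parentheses would be interpreted as filter syntax rather than as data.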
To make working with the Active Directory network structure more convenient, network administrators can use an Active Directory Diagram. Such a diagram helps plan and maintain the existing network faster and with higher quality, and presents a clear picture of the network structure in graphical format.
With the help of ConceptDraw DIAGRAM extended with the Active Directory Diagrams Solution from the Computer and Networks Area, you can easily and quickly create a highly detailed Active Directory Diagram.
Example 1. Active Directory Diagram - Structure Diagram
Active Directory uses the Lightweight Directory Access Protocol (LDAP). LDAP operates on top of TCP/IP and defines how objects are addressed and accessed between the client and the Active Directory server. According to LDAP, each object in the catalogue has a unique Distinguished Name; this name distinguishes the object from other Active Directory objects and also indicates where the object is located. A Distinguished Name consists of a common name (CN) and domain components (DC). The common name identifies an object or the container in which the object is placed, whereas the domain component identifies the domain where the object is located. In addition, the distinguished name can indicate the organization the object belongs to.
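The structure of a Distinguished Name can be shown by parsing one. The code below is an added example, not from the original page: it splits a DN into its components following the RFC 4514 string form, including escaped commas that a plain `split(",")` would mishandle, and derives the object's name, containers and domain. The function names and the sample DN are constructed for illustration, and multi-valued components (joined with `+`) are assumed not to occur.

```python
import re

def split_unescaped(text, sep=","):
    """Split on sep, but never on a separator that a backslash escapes."""
    parts, current, i = [], "", 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            current += text[i:i + 2]      # keep the escape pair intact
            i += 2
        elif text[i] == sep:
            parts.append(current)
            current = ""
            i += 1
        else:
            current += text[i]
            i += 1
    parts.append(current)
    return parts

def unescape(value):
    """Decode RFC 4514 escapes: \\XX is a hex-encoded byte, \\c is the literal c."""
    out, i = bytearray(), 0
    while i < len(value):
        if value[i] == "\\" and re.fullmatch(r"[0-9A-Fa-f]{2}", value[i + 1:i + 3]):
            out.append(int(value[i + 1:i + 3], 16))
            i += 3
        elif value[i] == "\\" and i + 1 < len(value):
            out += value[i + 1].encode()
            i += 2
        else:
            out += value[i].encode()
            i += 1
    return out.decode("utf-8")

def parse_dn(dn):
    """Return the DN as a list of (TYPE, value) pairs, most specific first."""
    rdns = []
    for piece in split_unescaped(dn):
        attr, eq, value = piece.lstrip().partition("=")
        if not eq or not attr.strip():
            raise ValueError(f"malformed component: {piece!r}")
        rdns.append((attr.strip().upper(), unescape(value)))
    return rdns

def locate(dn):
    """Name of the object, the containers holding it, and its DNS domain."""
    rdns = parse_dn(dn)
    return {"name": rdns[0][1],
            "containers": [v for t, v in rdns[1:] if t != "DC"],
            "domain": ".".join(v for t, v in rdns if t == "DC")}

# Constructed sample DN; the comma inside the common name is escaped.
SAMPLE_DN = r"CN=Smith\, Jane,OU=Sales,OU=Staff,DC=corp,DC=example,DC=com"
```

Parsing with escape handling matters wherever access decisions depend on the container an object sits in, since a naive split would read part of the common name as a container.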
The logical elements of Active Directory are objects, containers (OU), trees, domains and forests.
An object is a definite set of attributes with a unique name, e.g. a user of the network. According to LDAP, each object in the catalogue has a unique Distinguished Name; this name distinguishes it from other Active Directory objects and also indicates where the object is located.
Unlike an object, a container has no physical representation; it represents a collection of objects and other containers in the network structure.
The tree defines the hierarchy and the relationships between objects.
A domain is a separate security area in the structure of the computer network. Correspondingly, a domain tree is a set of domains connected to each other in a certain sequence. A domain tree can be presented as a tree of established trust relationships between domains or as a tree based on the namespace.
The forest is a set of several trees that do not form a contiguous namespace. All trees of the forest share the same schema, configuration and global catalogue. All trees are connected by trust relationships through the Kerberos protocol. The forest, in contrast to a tree, must not have a distinguished name. The forest exists as the set of objects, cross-links and Kerberos trust relationships known to the trees that form it.
A site is a location in the network where the servers of the Active Directory directory services are kept. An Active Directory diagram represents the relationships between service components at a preset level of detail. For example, this can be the level of objects or the level of sites.
When designing an Active Directory Diagram in ConceptDraw DIAGRAM, use the extensive drawing tools of the Active Directory Diagrams Solution, its templates and samples, and the variety of ready-to-use objects from the solution's libraries.
Example 2. Active Directory Diagram - AD LDS as a Phone Book Service
An Active Directory Diagram also lets you present the network structure in graphical format using vector elements and symbols, all of which can be found in the Active Directory Diagrams Solution from the Computer and Networks Area of ConceptDraw DIAGRAM software. The ConceptDraw STORE application is an integral part of our product, developed especially to make life easier by helping our clients grow and succeed in their business.
Example 3. Active Directory Diagram in ConceptDraw STORE
All source documents are vector graphic documents. They are available for reviewing, modifying, or converting to a variety of formats (PDF file, MS PowerPoint, MS Visio, and many other graphic formats) from the ConceptDraw STORE. The Active Directory Diagrams Solution is available for all ConceptDraw DIAGRAM or later users.