Introduction to ADDS

Active Directory Domain Services

Active Directory Domain Services (AD DS) is the core directory service technology in Windows Server.

  • AD DS is a specific service within the Active Directory suite that provides domain-based identity and access management.

  • AD DS manages core directory functions, such as user authentication, authorization, policy enforcement, domain management, domain controller replication, and organizational unit (OU) structuring.

  • It organizes network resources (like users, groups, and computers) into domains, forests, and organizational units, enabling centralized administration and policy application.

  • AD DS is the backbone of a Windows domain, where users and resources are managed centrally for networked environments.

Core Protocols and Technologies

  1. LDAP (Lightweight Directory Access Protocol):

  • LDAP is the main protocol for querying and managing directory information in AD DS.

  • It enables applications to access and modify directory data like users, groups, and computers, typically over TCP port 389 (plaintext unless the session negotiates StartTLS or SASL signing/sealing) and TCP port 636 (LDAPS, TLS from the first byte). The Global Catalog, a partial read-only copy of every domain in the forest, is served on TCP 3268 and 3269. A simple bind over plain 389 sends the password in the clear, which is why the LDAP signing and channel binding policies on domain controllers matter.

  2. Kerberos:

  • Kerberos is the default protocol for authentication in AD DS, providing secure, ticket-based authentication.

  • It enables Single Sign-On (SSO), allowing users to access multiple resources with one login session.

  • It operates over UDP/TCP port 88 on each domain controller (the Key Distribution Center); Kerberos password changes (kpasswd) use port 464.

  3. DNS (Domain Name System):

  • AD DS relies on DNS (UDP/TCP port 53) for name resolution and for locating domain controllers; domain controllers usually run the DNS server role themselves, hosting AD-integrated zones that replicate with the directory.

  • Each domain controller registers SRV records such as _ldap._tcp.dc._msdcs.<domain> and _kerberos._tcp.<domain>. A client queries these to find a DC before it can do anything else, so a broken or spoofed DNS answer breaks or redirects domain logon.

  4. DCE/RPC (Distributed Computing Environment / Remote Procedure Call):

  • DCE/RPC is the remote procedure call protocol on which Microsoft's MSRPC is built; it lets a computer invoke procedures on a remote host (for example the SAM, LSA and directory replication interfaces on a domain controller) as though they were local.

  • It carries Active Directory replication between domain controllers and much of the management traffic between clients and DCs. An RPC call is only as secure as its authentication level: calls authenticated with Kerberos or NTLM at packet-privacy level are signed and encrypted, while unauthenticated (null session) calls are not.

  • A client first contacts the endpoint mapper on TCP port 135 to learn which dynamically assigned port the target interface listens on (by default 49152-65535 on Windows Vista / Server 2008 and later), then opens the RPC session to that port. Firewalls between clients and DCs therefore need 135 plus the dynamic range, or the range must be pinned to a fixed set of ports.
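The four items above are what a client actually touches when it joins or logs on to a domain. The following PowerShell script is an added example, not code from the original page: it performs the same SRV lookup the Windows DC Locator uses to find domain controllers, then checks that each DC answers on the ports listed above. It assumes a domain-joined Windows host with the DnsClient and NetTCPIP modules (Windows 8 / Server 2012 or later); the domain name is taken from the environment and can be overridden with -Domain.

```powershell
# Added example (not from the original page): locate the domain controllers for a
# domain through the DNS SRV records AD DS publishes, then confirm each DC answers
# on the service ports described above. Assumes a domain-joined Windows host with
# the DnsClient and NetTCPIP modules (Windows 8 / Server 2012 or later).
param(
    [string]$Domain = $env:USERDNSDOMAIN   # e.g. "corp.example.com" (assumed placeholder)
)

# TCP ports an AD DS client depends on, keyed by the protocol described above.
# Kerberos also listens on UDP 88, but a TCP connect test is enough to show the KDC is up.
$DcPorts = [ordered]@{
    'Kerberos (KDC)'        = 88
    'RPC endpoint mapper'   = 135
    'LDAP'                  = 389
    'SMB (SYSVOL, NTLM)'    = 445
    'LDAPS'                 = 636
    'Global Catalog (LDAP)' = 3268
}

# Domain controllers register _ldap._tcp.dc._msdcs.<domain> SRV records; this is the
# lookup the DC Locator performs. Resolve-DnsName may also return the A records for
# the targets, so keep only the SRV answers. NameTarget is the DC's FQDN.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
       Where-Object { $_.Type -eq 'SRV' }

if (-not $srv) {
    throw "No DC SRV records found for $Domain; check the client's DNS server settings."
}

# Lower priority wins; within a priority, higher weight is preferred.
$ordered = $srv | Sort-Object Priority, @{ Expression = 'Weight'; Descending = $true }

foreach ($record in $ordered) {
    $dc = $record.NameTarget
    Write-Host "Domain controller: $dc (priority $($record.Priority), weight $($record.Weight))"

    foreach ($name in $DcPorts.Keys) {
        $port = $DcPorts[$name]
        # -InformationLevel Quiet returns a plain $true/$false for the TCP connect test;
        # the warning on failure is suppressed because the result is printed below.
        $open = Test-NetConnection -ComputerName $dc -Port $port `
                    -InformationLevel Quiet -WarningAction SilentlyContinue
        $state = if ($open) { 'open' } else { 'CLOSED' }
        Write-Host ("  {0,-22} TCP/{1,-5} {2}" -f $name, $port, $state)
    }
}
```

A closed 88 or 389 on a DC the SRV records still advertise usually means a firewall or a decommissioned DC whose records were never cleaned up; `nltest /dsgetdc:<domain>` shows which DC the local machine's DC Locator has actually chosen, which is useful when the two disagree.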

Legacy Protocols and Technologies

  1. NTLM (NT LAN Manager):

  • A legacy protocol supported in AD DS for backward compatibility with applications or systems that don’t use Kerberos.

  • NTLM has no port of its own: it is a challenge-response exchange carried inside whichever application protocol is authenticating, most commonly SMB on TCP port 445, but also HTTP, LDAP and MSRPC. Because the exchange provides no mutual authentication and, by default, no binding to the transport channel, it is the target of relay and pass-the-hash attacks; enabling the "Network security: Restrict NTLM" audit policies and reviewing the Microsoft-Windows-NTLM/Operational event log is the usual first step towards retiring it.

  2. LLMNR (Link-Local Multicast Name Resolution):

  • LLMNR was introduced in Windows Vista as a local-network name resolution fallback, used when DNS is unavailable or does not resolve the requested name.

  • It operates over UDP port 5355 on both IPv4 (multicast group 224.0.0.252) and IPv6 (ff02::1:3), and allows devices on the same local subnet to resolve names to IP addresses without a central DNS server.

  • LLMNR uses multicast rather than the broadcast that NetBIOS name service uses, and is intended for home networks or small environments where setting up DNS isn't feasible. Any host on the subnet can answer a query, and the answer is not authenticated: an attacker who replies to a mistyped or stale name with its own address receives the client's NTLM authentication attempt (LLMNR poisoning). On domain-joined machines, where DNS is always available, it should be disabled with the "Turn off multicast name resolution" Group Policy setting.

  3. NetBIOS (Network Basic Input/Output System):

  • NetBIOS is an older protocol used for session-level communication between computers over a local area network (LAN).

  • In the context of AD DS, NetBIOS is used for name resolution and browsing within a domain.

  • NetBIOS over TCP/IP (NBT) provides backward compatibility for applications and services that still rely on NetBIOS names rather than DNS.

  • NetBIOS over TCP/IP uses UDP port 137 (Name Service, NBT-NS), UDP port 138 (Datagram Service), and TCP port 139 (Session Service). NBT-NS resolves names by broadcast and, like LLMNR, accepts any reply, so it is poisoned the same way and is normally disabled together with LLMNR where no legacy application needs it.
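Both of the last two mechanisms resolve names by asking the whole subnet and trusting whoever answers, so the practical question on a domain-joined host is whether they are still on. The following PowerShell script is an added example, not code from the original page: it reports the state of LLMNR and of NetBIOS over TCP/IP on the local machine and, with -Disable, turns them off. It assumes an elevated session on Windows 8 / Server 2012 or later. LLMNR is read and set through the same registry value the "Turn off multicast name resolution" policy writes; NetBIOS over TCP/IP is a per-interface setting.

```powershell
# Added example (not from the original page): audit and, with -Disable, turn off the
# two legacy name-resolution mechanisms described above on the local host.
# LLMNR: HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\EnableMulticast = 0
#        (the value set by the "Turn off multicast name resolution" Group Policy).
# NetBIOS over TCP/IP: per-interface NetbiosOptions under the NetBT service key
#        (0 = take the DHCP option, 1 = enabled, 2 = disabled).
# Run from an elevated PowerShell session; audit first, then rerun with -Disable.
param([switch]$Disable)

$LlmnrKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'
$NetbtKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'

function Get-LlmnrState {
    $v = Get-ItemProperty -Path $LlmnrKey -Name EnableMulticast -ErrorAction SilentlyContinue
    if ($null -eq $v) { return 'enabled (no policy value set)' }
    if ($v.EnableMulticast -eq 0) { 'disabled' } else { 'enabled' }
}

function Disable-Llmnr {
    if (-not (Test-Path $LlmnrKey)) { New-Item -Path $LlmnrKey -Force | Out-Null }
    New-ItemProperty -Path $LlmnrKey -Name EnableMulticast -PropertyType DWord -Value 0 -Force | Out-Null
}

# One subkey per adapter, named Tcpip_{interface GUID}.
function Get-NetbtInterfaces {
    Get-ChildItem -Path $NetbtKey | Where-Object { $_.PSChildName -like 'Tcpip_*' }
}

function Get-NetbiosState {
    Get-NetbtInterfaces | ForEach-Object {
        $opt = (Get-ItemProperty -Path $_.PSPath -Name NetbiosOptions -ErrorAction SilentlyContinue).NetbiosOptions
        [pscustomobject]@{
            Interface      = $_.PSChildName
            NetbiosOptions = $opt
            State          = switch ($opt) { 2 { 'disabled' } 1 { 'enabled' } default { 'default (DHCP option)' } }
        }
    }
}

function Disable-Netbios {
    Get-NetbtInterfaces | ForEach-Object {
        Set-ItemProperty -Path $_.PSPath -Name NetbiosOptions -Value 2 -Type DWord
    }
}

Write-Host "LLMNR: $(Get-LlmnrState)"
Write-Host 'NetBIOS over TCP/IP per interface:'
Get-NetbiosState | Format-Table -AutoSize

if ($Disable) {
    Disable-Llmnr
    Disable-Netbios
    Write-Host 'LLMNR disabled (effective immediately); NetBIOS over TCP/IP disabled per interface (effective after the adapter is reset or the host reboots).'
    Write-Host "LLMNR: $(Get-LlmnrState)"
    Get-NetbiosState | Format-Table -AutoSize
}
```

Across a domain the same two settings are rolled out with Group Policy (the LLMNR policy under Computer Configuration > Administrative Templates > Network > DNS Client, and NetBIOS via the DHCP option or a startup script), but the registry values are what you check on a host that has drifted. Audit first: an application that still addresses servers by bare NetBIOS name will stop resolving once NBT-NS is off and DNS has no matching record.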
