Active Directory is Microsoft's proprietary directory service. It runs on Windows Server and enables administrators to manage permissions.
Active Directory is Microsoft's implementation of the Lightweight Directory Access Protocol (LDAP) network application layer protocol. The LDAP protocol is used in so-called directory services. The directory service is nothing more than an extensive, hierarchical database containing information about users, user groups, computers, and network resources operating in corporate networks, where Microsoft servers work. It is nothing more than a collection of information about network users, their rights to various types of resources, the computers they work on, the configuration of these computers and so on.
Active Directory allows network administrators to centrally, from one computer (properly configured server) manage the entire set of users in the network, define their rights to network resources, and configure the computers they work on. This powerful tool definitely facilitates the administrator's work in networks with dozens of users and computers.
The entire Active Directory-related services consists of as many as five elements:
AD Domain Services.
AD Certificate Services.
AD Lightweight Directory Services.
AD Rights Management Services.
AD Federation Services.