Active Directory (AD) is a directory service implemented by Microsoft for Windows domain networks. It is included in most Windows Server operating systems.
An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user.
Active Directory makes use of Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft’s version of Kerberos, and DNS.
LDAP (Lightweight Directory Access Protocol)
The Lightweight Directory Access Protocol (LDAP) is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.
Directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.
That’s how the AD of Ericsson Domain Looks Like
From the AD all the related information can be used using the Search option on the Top
If we check any users properties we can see all the attributes assigned to him/her.
Member of Tab will provide us all the information related to all User Group which user is member of. This is a very important section to identify and resolve the access issues.