DNS is required by Active Directory, so you can definitely expect this to be a popular topic on exam 70-291 (as well as many of the other MCSA/MCSE exams). There is no getting around it - you must learn as much as possible about DNS. However, before you jump into DNS, you need to know exactly what Active Directory is.

So what exactly is Active Directory? In the simplest terms, it is a directory service. A directory service stores information about objects that are all somehow related to one another. For example, a telephone directory stores names and phones number of people within a specific city in a central location. A directory service provides a similar function in that it stores information about network objects within a domain in a central location simplifying the process of locating and managing resources.

Microsoft’s implementation of a directory service is called Active Directory. Active Directory basically provides the following benefits:

• Provides a way of centrally organizing and managing network resources

• Network resources can be administered from a central location
• Users only need to provide a single logon to access resources throughout the forest.

Active Directory stores information about network resources in a central location. The objects created within Active Directory represent the resources on the network such a printers, shares, computers, and users. Even domain controllers, servers, and domains themselves appear as objects within Active Directory. In any case, having objects stored in a central location makes them much simpler to administer.

Active Directory provides administrators with a way of organizing resources in such a way that makes it easier to locate. Users do not need to know the exact location of an object, the exact name of an object, nor do they need to perform extensive searches trying to locate them. Rather they can search the central directory based on object attributes. This is a welcome change from Windows NT where users had to search multiple servers, possibly multiple domains trying to locate network objects.

Active Directory also eliminates the need for users to have multiple logon names to access resources in other domains. Users only need to log on once to gain access to resources throughout Active Directory.

Closely related to Active Directory is LDAP. The Lightweight Directory Access Protocol is an industry standard directory service protocol that runs over TCP/IP. It’s the main protocol used to query and retrieve information in Active Directory. LDAP defines how information stored in a directory can be accessed and the operations that can be performed. LDAP defines how a client:

• Accesses a directory service

• Shares directory information
• Finds objects
• Queries objects
• Administers objects