Active Directory Domain Services 概觀Active Directory Domain Services Overview

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

Directory 是階層結構儲存在網路上的物件的相關資訊。A directory is a hierarchical structure that stores information about objects on the network. Directory 服務,例如 Active Directory Domain Services (AD DS) 提供用於儲存 directory 資料,並讓網路使用者和系統管理員可以使用此資料的方法。A directory service, such as Active Directory Domain Services (AD DS), provides the methods for storing directory data and making this data available to network users and administrators. 例如,AD DS 儲存帳號,例如名稱、密碼、電話號碼,等等的相關資訊,並讓其他授權的使用者在相同網路存取此資訊。For example, AD DS stores information about user accounts, such as names, passwords, phone numbers, and so on, and enables other authorized users on the same network to access this information.

Active Directory 物件的資訊儲存在網路上,並讓輕鬆,系統管理員的使用者來尋找並使用此資訊。Active Directory stores information about objects on the network and makes this information easy for administrators and users to find and use. Active Directory 使用 directory 資訊的邏輯、階層組織為基礎結構化的資料儲存區。Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information.

此資料存放區,也就是 directory 包含 Active Directory 物件的相關資訊。This data store, also known as the directory, contains information about Active Directory objects. 這些物件通常會包含例如伺服器、磁碟、印表機和網路使用者和電腦帳號共用的資源。These objects typically include shared resources such as servers, volumes, printers, and the network user and computer accounts. 如需有關 Active Directory 資料存放區的詳細資訊,請查看Directory 資料存放區For more information about the Active Directory data store, see Directory data store.

登入驗證及存取控制物件 directory 透過整合 Active Directory 安全性。Security is integrated with Active Directory through logon authentication and access control to objects in the directory. 單一網路登入的系統管理員可以管理 directory 資料與組織整個網路,並授權的網路使用者可以存取網路上的任何位置點一下資源。With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. 原則管理易於管理即使是最複雜的網路。Policy-based administration eases the management of even the most complex network. 如需有關 Active Directory 安全性的詳細資訊,請安全性概觀。For more information about Active Directory security, see Security overview.

Active Directory 也包含:Active Directory also includes:

  • 一組規則的架構、類物件定義和中所包含的屬性 directory 的限制和限制這些物件的執行個體與其名稱的格式。A set of rules, the schema, that defines the classes of objects and attributes contained in the directory, the constraints and limits on instances of these objects, and the format of their names. 如需有關架構,查看結構描述。For more information about the schema, see Schema.

  • A通用包含每個中 directory 物件的相關資訊。A global catalog that contains information about every object in the directory. 這可讓使用者和系統管理員,尋找 directory 資訊無論 directory 中的網域確實包含的資料。This allows users and administrators to find directory information regardless of which domain in the directory actually contains the data. 如需通用,查看通用的角色。For more information about the global catalog, see The role of the global catalog.

  • A查詢和索引機制,以讓物件和他們屬性可以發行和網路使用者的應用程式中找到。A query and index mechanism, so that objects and their properties can be published and found by network users or applications. 如需有關查詢 directory,查看尋找 directory 資訊。For more information about querying the directory, see Finding directory information.

  • A複寫服務,將 directory 資料分散網路。A replication service that distributes directory data across a network. 網域中的所有網域控制站參與複寫和包含完整的所有它們 domain directory 資訊副本。All domain controllers in a domain participate in replication and contain a complete copy of all directory information for their domain. 複製所有網域中的網域控制站 directory 資料的任何變更。Any change to directory data is replicated to all domain controllers in the domain. 有關更多複寫 Active Directory,查看複寫概觀。For more information about Active Directory replication, see Replication overview.

了解 Active DirectoryUnderstanding Active Directory

本章節提供核心 Active Directory 概念連結:This section provides links to core Active Directory concepts:

Active Directory 概念的詳細清單,請查看了解 Active DirectoryFor a detailed list of Active Directory concepts, see Understanding Active Directory.