Microsoft’s Active Directory is a core component in virtually every enterprise network. When I looked at Centrify’s DirectControl for Mobile, I singled out its deep integration with Active Directory as a major feature and a leg up over some of the other mobile device management (MDM) suites on the market. That’s because Active Directory is an essential piece of technology infrastructure in the vast majority of businesses.
Despite being a Microsoft solution (and a feature of Windows Server), Active Directory is a technology that all Apple IT professionals should understand and have some skills in using. With the Xserve gone and OS X Server headed to more limited uses since the release of Lion last summer, Active Directory is becoming a de facto standard for Macs and iOS devices as much as it is for Windows PCs.
Active Directory is Microsoft’s enterprise directory service. It’s a combination of various technologies that accomplishes a lot of core jobs in business networks. At heart its a specialized LDAP database that’s coupled with several security and encryption technologies. It stores information about virtually every piece of an environment from the physical network and geographic locations to user accounts and managed settings to server-based resources. As vast as Active Directory is in terms of information it can store and manage out of the box, it can be expanded significantly using third party products and company-specific extensions designed by systems administrators and engineers.
Directory services create a centralized system for managing all kinds of critical data. They authenticate user login to workstations and servers, determine what access users have to specific files or other resources, apply management settings based on the individual user or group membership as well as based on particular computers, they can populate contact and other databases, and they can provide application and service specific settings like access to shared calendars.
The concept of a directory service holding all this information isn’t limited to Microsoft. Apple created a similar LDAP-based directory service for OS X called Open Directory. Anyone who’s been around the tech or business world probably remembers Novell, which created similar solutions. Unix and Linux distributions can also implement various directory services.
Active Directory has become a de facto standard in part because of Microsoft’s dominance in the corporate world but also because it is extremely flexible and scalable. In most companies a single server can’t handle all the directory related requests that it may get. Directory services use various means to share the load between servers, a process known as replication – something that Active Directory is designed to handle extremely well even when there are hundreds of servers (Microsoft suggests no more than 1200).
All of this makes Active Directory a great system to understand and managing it is a great IT skill set.
OS X can natively connect to Active Directory to use network accounts for user login, access to shared files and home folders, and use of some services. Some vendors, including Centrify, expand on Apple’s solution by creating their own directory services plug-in that can be loaded on a Mac such it supports more Active Directory features as well as to extend Active Directory to include additional features like centralized Mac and mobile device management.
The concept of extending Active Directory to support more devices and features seems to be growing along with expanding roles for other Microsoft technologies like Exchange (which OS X and iOS also support and which is another excellent Apple-related IT skill to pursue) and Microsoft’s System Center 2012 management utility, which third parties are already planning to extend as a multiplatform management solution.
With Apple letting other companies take on more and more of the Mac and iOS management roles in business environments, the writing is on the wall for IT professionals that specialize in both of Apple’s platforms – it’s time to start adding or updating some Microsoft enterprise tech skills.