DevOps Dictionary

Active Directory is Microsoft’s directory service for Windows domains that centralizes identity, authentication (proving who a user or computer is), and authorization (what they’re allowed to access). It stores accounts for users, groups, computers, and policies in a shared database and uses domain controllers to validate sign-ins and apply access rules consistently across the network, so administrators manage permissions and configuration once instead of per machine. With Active Directory, onboarding, offboarding, and policy changes propagate through the domain and can be audited; without it, identities and access controls are scattered across individual servers and workstations, increasing manual work and the chance of inconsistent permissions or orphaned accounts. This gap exists because AD provides a single source of truth plus replication between domain controllers to keep identity and policy data synchronized.