Remember when you started college and they gave you a username and password to use on the school’s computer network? With your username and password, you were able to log onto any computer that was on the network, and upon startup you would have access to all of the files and drives to which your account was granted permission. All of your personal settings would be enabled, and it was as though any computer on the network that you logged onto became your personal computer for the moment. That’s the easiest way to put Active Directory into perspective.
Active Directory Basics
The basics of Active Directory are that it’s a database system that connects all of the individual machines within your network, makes information easy to access from anywhere, and allows the network administrators to grant permissions to specific users. While the first two elements are important for the purposes of running your business efficiently, the most critically valuable element of using Active Directory for your business is the control that it provides to your network administrators.
What is Active Directory?
For starters, all of the user account and password information for your entire network is stored in a single, protected location, which is beneficial to your company’s security. By using Active Directory to connect all of your users and machines on a single network, you’re able to oversee the activities that go on throughout the entirety of your company from a single access point. This means that you can monitor productivity, the transfer of information, and anything else that occurs on your network.
What Can a Network Admin Do Through Active Directory?
Not everyone within your organization necessarily needs access to all of the files/documents that are relevant to your company. With Active Directory, you can grant individual users permission to access any files/drives that are mapped on the network so that all parties involved can use the resources as needed. Furthermore, you can specify even more precise permissions. To illustrate this, let’s look at an example:
Suppose your company has a directory on the network for all HR-relevant documents. This could include any forms that employees may need to submit to HR (formal requests, formal complaints, etc.). Let’s also say that there’s a spreadsheet in the directory that lists when employees will be out of the office on vacation. Your network administrator can give all users read-only access to this directory, meaning that they can view the documents, and even print them out, but they’re unable to make any changes to or delete the documents. The administrator can then give extended permissions to your HR manager/director or anyone else in HR who would need to edit the files that are stored within the directory.
Another tremendous plus for network administrators using Active Directory is that they can perform network-wide updates all at once. When all of your machines are standalone, acting independently from one another, your network administrators would have to go machine-to-machine every time updates need to be made. Without Active Directory, they’d have to hope that all of your employees updated their machines on their own. Let’s be honest, how often does that go off without a hitch?