Active Directory

Introduction

The Berkeley Lab Active Directory is an implementation of an LDAP directory service provided by Microsoft for Windows environments. It is the successor to the NT4 Windows domain environment that served the lab until the fall of 2005.

It provides a central location to store information about users, networked devices and services. A directory service is a database system (directory store) and a set of services that provide the means to securely add, modify, delete, and locate data in the directory store.

Active Directory positions the Lab to take advantage of asset management (hardware and software inventory), software deployment, license tracking and cyber security (minimum windows security) in the future.

IT Division Participation

The IT Division's Infrastructure Department maintains the Active Directory domain controllers and directory services software. A group within Infrastructure serves as Schema/Enterprise/Domain Administrators (EA). They install, configure, and maintain the Active Directory domain controllers for the LBL forest that supports the LBL AD infrastructure.

The User Support Department (representing the majority of the OU administrators and desktop support staff) will coordinate OU administrator participation in Active Directory. Regularly scheduled meetings will be convened for the purpose of information exchange.

The Institutional Systems Department has the overall responsibility for identity management, and will participate in the planning of any directory synchronization or authentication architecture change.

Top