Active Directory is a directory service that stores information about the resources of a network and centralizes their management across a domain. An 'Active Directory' (AD) structure is a hierarchical framework of objects. The objects fall into three broad categories: resources (e.g., printers), services (e.g., email), and users (user accounts and groups). The AD provides information on the objects, organizes the objects, controls access and sets security.
A Site object in Active Directory represents a physical location, usually one or more well-connected IP networks, and contains objects called Subnets. Sites can be used to assign Group Policy Objects, to help clients locate nearby resources such as domain controllers, to manage Active Directory replication, and to manage traffic over network links. Sites are connected to each other by Site Link objects. A Site Link may be assigned a cost value that represents the speed, reliability, availability, or some other real property of the physical link, and a schedule that determines when replication across it may occur.
Forests, trees, and domains: The AD framework that holds the objects can be viewed at a number of levels. At the top of the structure is the forest. The forest is a collection of every object, its attributes, and rules (attribute syntax) in the AD. The forest, tree, and domain are the logical parts in an AD network. The AD forest contains one or more transitive, trust-linked trees. A tree is a collection of one or more domains and domain trees, again linked in a transitive trust hierarchy. Domains are identified by their DNS name structure, the namespace.
FSMO Roles: Flexible Single Master Operations (FSMO, sometimes pronounced "fizz-mo") roles are also known as operations master roles. Although the AD domain controllers operate in a multi-master model, i.e. updates can occur in multiple places at once, there are several roles that are necessarily single instance:
Schema Master: Forest-wide role that controls updates and modifications to the Active Directory schema.
Domain Naming Master: Forest-wide role that controls the addition and removal of domains (and application directory partitions) in the forest.
PDC Emulator: Provides backwards compatibility for NT4 clients for PDC operations (such as password changes), receives urgent replication of password changes and account lockouts from the other domain controllers, is consulted by them when a logon fails with a bad password, and is the master time server of the domain. The PDC Emulator also runs domain-specific processes such as the Security Descriptor Propagator (SDProp), which periodically re-applies the AdminSDHolder security descriptor to protected accounts and groups; this is why AdminSDHolder is a well-known persistence target.
RID Master: Allocates pools of relative identifiers (RIDs) to the domain controllers; a DC combines a RID with the domain SID to build the SID of each security principal it creates.
Infrastructure Master: Updates the references (phantom objects) that a domain holds to objects in other domains, for example cross-domain group memberships. The infrastructure master must not run on a global catalog server unless every domain controller in the domain is also a global catalog: a GC already holds a partial replica of every object in the forest, so the role would never detect stale references.
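The role holders are not stored in one place: each role is recorded as the fSMORoleOwner attribute of a specific object, and its value is the DN of the holding DC's NTDS Settings object. The following is an added example, not code from the original article, that resolves the five holders from such attributes and applies the Infrastructure Master rule above. The attribute names and role objects are the real ones; the forest corp.example, its domain controllers and the directory snapshot are constructed (a live check would read the same attributes over LDAP).

```python
"""Resolve the five FSMO role holders and check Infrastructure Master placement.

Added example, not part of the original article. The role objects and the
fSMORoleOwner / options attribute names are real; the forest corp.example,
DC01, DC02 and the snapshot below are constructed.
"""
import re

# Each role is recorded as the fSMORoleOwner attribute of one object. The value
# is the DN of the holding DC's NTDS Settings object.
ROLE_OBJECTS = {
    "Schema Master":         "CN=Schema,CN=Configuration,DC=corp,DC=example",
    "Domain Naming Master":  "CN=Partitions,CN=Configuration,DC=corp,DC=example",
    "PDC Emulator":          "DC=corp,DC=example",
    "RID Master":            "CN=RID Manager$,CN=System,DC=corp,DC=example",
    "Infrastructure Master": "CN=Infrastructure,DC=corp,DC=example",
}

SITES = "CN=Sites,CN=Configuration,DC=corp,DC=example"
DC01 = "CN=NTDS Settings,CN=DC01,CN=Servers,CN=HQ," + SITES
DC02 = "CN=NTDS Settings,CN=DC02,CN=Servers,CN=Branch," + SITES

NTDSDSA_OPT_IS_GC = 0x1   # bit of an NTDS Settings object's 'options' attribute

# Constructed snapshot (DN -> attributes) of what an LDAP search would return.
SNAPSHOT = {
    ROLE_OBJECTS["Schema Master"]:         {"fSMORoleOwner": DC01},
    ROLE_OBJECTS["Domain Naming Master"]:  {"fSMORoleOwner": DC01},
    ROLE_OBJECTS["PDC Emulator"]:          {"fSMORoleOwner": DC01},
    ROLE_OBJECTS["RID Master"]:            {"fSMORoleOwner": DC01},
    ROLE_OBJECTS["Infrastructure Master"]: {"fSMORoleOwner": DC02},
    DC01: {"options": NTDSDSA_OPT_IS_GC},  # DC01 is a global catalog
    DC02: {"options": 0},                  # DC02 is not
}

NTDS_DN = re.compile(r"^CN=NTDS Settings,CN=([^,]+),CN=Servers,CN=([^,]+),CN=Sites,")


def parse_ntds_dn(dn):
    """Return (dc_name, site) from a live NTDS Settings DN, else None.
    A deleted object's DN ('CN=NTDS Settings\\0ADEL:...') does not match."""
    m = NTDS_DN.match(dn)
    return (m.group(1), m.group(2)) if m else None


def fsmo_holders(snapshot):
    """Map each role to its holding DC, or 'ORPHANED' when the owner DN no
    longer exists (typical after an ungraceful demotion of the holder)."""
    holders = {}
    for role, dn in ROLE_OBJECTS.items():
        owner = snapshot.get(dn, {}).get("fSMORoleOwner", "")
        parsed = parse_ntds_dn(owner)
        holders[role] = parsed[0] if parsed and owner in snapshot else "ORPHANED"
    return holders


def all_dcs(snapshot):
    """Names of every DC that has an NTDS Settings object in the snapshot."""
    return {parse_ntds_dn(dn)[0] for dn in snapshot if parse_ntds_dn(dn)}


def global_catalogs(snapshot):
    """Names of the DCs whose NTDS Settings object has the IS_GC bit set."""
    return {parse_ntds_dn(dn)[0] for dn, attrs in snapshot.items()
            if parse_ntds_dn(dn) and attrs.get("options", 0) & NTDSDSA_OPT_IS_GC}


def infrastructure_master_ok(snapshot):
    """The Infrastructure Master must not be a GC unless every DC is a GC."""
    im = fsmo_holders(snapshot)["Infrastructure Master"]
    if im == "ORPHANED":
        return False
    gcs = global_catalogs(snapshot)
    return im not in gcs or gcs == all_dcs(snapshot)


if __name__ == "__main__":
    for role, dc in fsmo_holders(SNAPSHOT).items():
        print(f"{role:22} {dc}")
    print("Infrastructure Master placement OK:", infrastructure_master_ok(SNAPSHOT))
```

The snapshot covers a single-domain forest, so "all DCs" is simply every NTDS Settings object found; in a multi-domain forest the check has to be scoped to the domain whose Infrastructure Master is being examined.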
Trust: To allow users in one domain to access resources in another, AD uses trusts. Trusts inside a forest are created automatically when domains are added. The forest, not the domain, sets the default boundary of trust: implicit, transitive trust is automatic between all domains within a forest. Besides these two-way transitive trusts, AD trusts can be shortcut (an explicit trust between two domains of the same forest, typically in different trees, that shortens the authentication path; transitive, one- or two-way), forest (between the root domains of two forests; transitive, one- or two-way), realm (to a non-Windows Kerberos realm; transitive or nontransitive, one- or two-way), or external (to a single domain in another forest or to an NT4 domain; nontransitive, one- or two-way).
Trusts in Windows Server (native mode)
· One-way trust - One domain allows access to users on another domain, but the other domain does not allow access to users on the first domain.
· Two-way trust - Two domains allow access to users on the other domain.
· Trusting domain - The domain that allows access to users from a trusted domain.
· Trusted domain - The domain that is trusted; whose users have access to the trusting domain.
· Transitive trust - A trust that extends beyond the two domains that created it to the other domains they trust transitively; all domains of a forest trust each other this way.
· Intransitive trust - A trust, one- or two-way, that does not extend beyond the two domains that created it. External trusts are always intransitive.
· Explicit trust - A trust that an administrator creates (external, forest, realm or shortcut), as opposed to the parent-child and tree-root trusts created automatically. Its direction is chosen when it is created; whether it is transitive depends on its type.
· Cross-link trust - An explicit trust (also called a shortcut trust) between domains in different trees or in the same tree when a descendant/ancestor (child/parent) relationship does not exist between the two domains.
Windows Server supports the following types of trusts:
· Two-way transitive trusts.
· One-way intransitive trusts.
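In the directory, every trust the local domain participates in is a trustedDomain object under CN=System, and the vocabulary above (one-way or two-way, trusting or trusted, transitive or not, external, forest, realm or intra-forest) is encoded in its trustDirection, trustType and trustAttributes attributes. The block below is an added example, not code from the original article, that decodes those attributes into that vocabulary and, going a little beyond the text, flags the trust settings a security review looks at first: SID filtering, selective authentication and RC4 keys. The attribute names and bit values are the documented ones (MS-ADTS); the local domain corp.example and the four trust records are constructed.

```python
"""Describe trustedDomain objects in trusting/trusted, transitive and
external/forest/realm terms, and flag security-relevant trust settings.

Added example, not from the original article. Attribute names and bit values
are those of the trustedDomain class (MS-ADTS); the local domain name and
the four trust records are constructed.
"""
# trustDirection bits, relative to the local (querying) domain.
INBOUND, OUTBOUND = 0x1, 0x2            # both bits set = two-way, 0 = disabled
# trustType values.
TRUST_TYPE = {1: "downlevel (NT4)", 2: "uplevel (AD)", 3: "MIT realm", 4: "DCE"}
# trustAttributes bits.
NON_TRANSITIVE = 0x01
QUARANTINED_DOMAIN = 0x04      # SID filtering quarantine (the external-trust default)
FOREST_TRANSITIVE = 0x08
CROSS_ORGANIZATION = 0x10      # selective authentication
WITHIN_FOREST = 0x20
TREAT_AS_EXTERNAL = 0x40       # forest trust with SID filtering relaxed to external level
USES_RC4_ENCRYPTION = 0x80     # set on MIT realm trusts that may use RC4 keys


def describe_trust(local, t):
    """Return kind, transitivity, direction in trusting/trusted terms and findings."""
    attrs, direction, remote = t["trustAttributes"], t["trustDirection"], t["name"]
    if t["trustType"] == 3:
        kind = "realm"
    elif attrs & WITHIN_FOREST:
        kind = "intra-forest"        # parent/child, tree-root or shortcut
    elif attrs & FOREST_TRANSITIVE:
        kind = "forest"
    else:
        kind = "external"
    # External trusts are never transitive; realm trusts only if the bit is clear.
    transitive = kind in ("intra-forest", "forest") or (
        kind == "realm" and not attrs & NON_TRANSITIVE)

    roles = []
    if direction & OUTBOUND:   # local trusts remote: local is the trusting domain
        roles.append(f"{local} trusts {remote}: {remote} users can be granted access in {local}")
    if direction & INBOUND:    # remote trusts local: local is the trusted domain
        roles.append(f"{remote} trusts {local}: {local} users can be granted access in {remote}")
    way = {0: "disabled", 1: "one-way", 2: "one-way", 3: "two-way"}[direction & 3]

    findings = []
    if kind == "external" and direction & OUTBOUND and not attrs & QUARANTINED_DOMAIN:
        findings.append("SID filtering quarantine is off: SID history presented by the trusted domain is not filtered")
    if kind == "forest" and attrs & TREAT_AS_EXTERNAL:
        findings.append("forest trust is treated as external: SID filtering relaxed")
    if kind in ("external", "forest") and direction & OUTBOUND and not attrs & CROSS_ORGANIZATION:
        findings.append("selective authentication is off: every authenticated user of the trusted domain can authenticate here")
    if attrs & USES_RC4_ENCRYPTION:
        findings.append("trust may use RC4 keys")
    return {"remote": remote, "kind": kind, "type": TRUST_TYPE.get(t["trustType"], "unknown"),
            "transitive": transitive, "way": way, "roles": roles, "findings": findings}


def review_trusts(local, trusts):
    return [describe_trust(local, t) for t in trusts]


# Constructed sample of what a search for (objectClass=trustedDomain) under
# CN=System,DC=corp,DC=example might return.
LOCAL = "corp.example"
TRUSTS = [
    {"name": "child.corp.example", "trustType": 2, "trustDirection": 3,
     "trustAttributes": WITHIN_FOREST},
    {"name": "partner.example", "trustType": 2, "trustDirection": 3,
     "trustAttributes": FOREST_TRANSITIVE | CROSS_ORGANIZATION},
    {"name": "legacy.local", "trustType": 2, "trustDirection": OUTBOUND,
     "trustAttributes": NON_TRANSITIVE},                   # quarantine bit missing
    {"name": "KRB.EXAMPLE.ORG", "trustType": 3, "trustDirection": INBOUND,
     "trustAttributes": NON_TRANSITIVE | USES_RC4_ENCRYPTION},
]

if __name__ == "__main__":
    for r in review_trusts(LOCAL, TRUSTS):
        print(f"{r['remote']}: {r['kind']} {r['type']}, {r['way']}, transitive={r['transitive']}")
        for line in r["roles"] + ["! " + f for f in r["findings"]]:
            print("   ", line)
```

Note the direction semantics: an outbound trust means the local domain is the trusting domain, so it is the outbound and two-way trusts that expose local resources to the other side and are where the SID filtering and selective authentication findings matter. The intra-forest record cannot be split further from its flags alone; parent-child, tree-root and shortcut trusts all carry WITHIN_FOREST.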