If
you are a computer administrator for a large corporation or organization, you
can easily update all end users computers with new software, patches, files,
etc simply by updating one object in a forest or tree.
Because
each object fits into a set schema and has specific attributes, a network
administrator can easily clear a person on a set tree or instantly give access
to some users for certain applications or deny access to certain users for
others. The Microsoft servers use trust to determine whether or not access
should be allowed. Say for example the two types of trust that Microsoft Active Directory incorporate are
transitive trusts and one way non transitive trusts. A transitive trust is when
there is a trust that goes further than two domains in a set tree, meaning two
entities are able to access each other’s domains and trees.
A
one way transitive trust is when a user is allowed accessed to another tree or
domain, however, the other domain does not allow access to the other domains.
This can be summed up as a network administrator and end user. The network
administrator can access most trees in the forest including a specific end
user's domain. However the end user, while able to access his or her own
domain, cannot access other trees.
It
is important to note that Active Directory Management is a great way to organize a large organization or
corporation's computers data and network. Without Active Directory Tools, most end users would have computers that
would need to be updated individually and would not have access to a larger
network where data can be processed and reports can be created. While active
directories can be extremely technical and require lots of expertise to
navigate, they are essential to storing information and data on networks.