Active Directory (AD)

The Windows-based directory service. Active Directory stores information about

objects on a network and makes this information available to users and
network administrators. Active Directory gives network users access to
permitted resources anywhere on the network using a single logon process. It
provides network administrators with an intuitive, hierarchical view of the
network and a single point of administration for all network objects.
Domain
In Active Directory, a collection of computer user and group objects defined by
the administrator. These objects share a common directory database, security
policies and security relationships with other domains.
In DNS any tree or sub tree within the DNS namespace. Although the names for
DNS domain often correspond to Active Directory domains, DNS domain should
not be confused with Active Directory domains.
Forest
One or more Active Directory domains that share the same class and attribute
definitions (schema), site and replication information (configuration), and
forest-wide search capabilities (global catalog). Domains in the same forest are
linked with two-way, transitive trust relationships.
Organisational Unit (OU)
An Active Directory container object used within domains. An organizational
unit is a logical container into which users, groups, computers, and other
organizational units are placed. It can contain objects only from its parent
domain. An organizational unit is the smallest scope to which a Group Policy
object (GPO) can be linked, or over which administrative authority can be
delegated.
Global Catalog
A directory database that applications and clients can query to locate any
object in a forest. The global catalog is hosted on one or more domain
controllers in the forest. It contains a partial replica of every domain directory
partition in the forest. These partial replicas include replicas of every object in
the forest, as follows: the attributes most frequently used in search operations
and the attributes required to locate a full replica of the object.
Site
One or more well-connected (highly reliable and fast) TCP/IP subnets. A site
allows administrators to configure Active Directory access and replication
topology to take advantage of the physical network.
Domain Naming System (DNS)
A hierarchical, distributed database that contains mappings of DNS domain
names to various types of data, such as IP addresses. DNS enables the location
of computers and services by user-friendly names, and it also enables the
discovery of other information stored in the database.
A well-designed Active Directory logical structure provides the following
benefits:

Simplified management of Windows networks that contain large numbers

of objects.

A consolidated domain structure and reduced administration costs.

The ability to delegate administrative control over resources as

appropriate.

Reduced impact on network bandwidth.

Simplified resource sharing.

Optimal search performance.

Low total cost of ownership.

Better control on Network resources

Controlled Desktop Environment

A well-designed Active Directory logical structure facilitates the efficient

integration of features such as Group Policy, enabling desktop lockdown,
software distribution, and user, group, workstation, and server administration,
into your system. In addition, a carefully designed logical structure facilitates
the integration of services such as Microsoft Exchange , Lotus Domino, public
key infrastructure (PKI), and domain-based distributed file system (DFS).
The AD service to be implemented at HDFC Bank Ltd must be considered as a
supporting service for many other services like file & print and desktop
services.
The following general (high-level) requirements regarding Active Directory
exist:
1. The AD must provide the service required by the Next Generation
infrastructure based on Microsoft Technology platform.
2. The AD must be scalable and flexible in order to support a smooth
transition from multi forest environment to Single forest / Single Domain
model.
3. AD service aligned to disaster recovery strategy.
4. AD service build according to local and Group specifications and best
practices.
5. The AD infrastructure is solely managed by HDFC Bank Ltd.
6. Migration of all existing Servers and Desktops on to New Active Directory
Platform.
7. Single forest architecture HDFC Bank Ltd
8. Control on desktop Environment and Server Environment
9. Centralised Infrastructure Management.
10.Consolidation of infrastructure.