Active Directory Terms and Technology

Glossary of Terms

Active Directory Definitions

  • cn = Common Name (think of as canonical name)
  • dc = Domain Component (think of as part of a domain name)
  • dn = Distinguished Name (think of as a full path)
  • ou = Organizational Unit (think of as a directory)

Service Account: A user object you create inside your OU and use with an application that wants to integrate with Active Directory. This is the account the application uses to connect, so it can be identified as a legitimate service.

Connect: To make a network connection to Active Directory on port 389 or 636. No name or password is supplied. You are connected, but we do not allow you to do anything until you bind.

Bind: To supply a name and password after connecting. We require secure binds.

Secure Bind: To use encryption. We require secure binds. You can use either of the methods below, SSL or TLS. We recommend TLS, the current LDAP 3 standard for encryption.

TLS: To use the LDAP 3 standard of TLS. This is the modern successor to SSL. Lower overhead than SSL.

LDAPS: To connect and bind on port 636, LDAP over SSL. The de facto practice of running LDAP over SSL. Requires certificates to be trusted in some cases. Higher overhead than TLS.
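The connect, secure bind and bind sequence defined above, as an added Python example that is not part of this glossary or of any Active Directory tooling. It uses only the standard library and hand-encodes the LDAP messages (BER as laid out in RFC 4511) so that what crosses the wire is visible: the "TLS" entry corresponds to the StartTLS extended operation on port 389, the "LDAPS" entry to wrapping the socket in TLS before any LDAP traffic on port 636, and the bind request carries the account password as a plain octet string, which is exactly why a bind is only allowed once the connection is encrypted. The host name, service account DN and password are constructed placeholders.

```python
"""Connect, secure the connection, and bind to an LDAP/Active Directory server.

Added example, not from the original glossary. Messages are BER-encoded by
hand (RFC 4511) so the connect -> StartTLS -> bind sequence, and the LDAPS
alternative, are visible on the wire. Host, DN and password are placeholders.
"""
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation (RFC 4511)


def ber_length(n: int) -> bytes:
    """BER length: short form below 128, long form (0x8N + N bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    """One BER tag-length-value element."""
    return bytes([tag]) + ber_length(len(value)) + value


def ldap_message(message_id: int, protocol_op: bytes) -> bytes:
    """LDAPMessage ::= SEQUENCE { messageID INTEGER, protocolOp CHOICE {...} }."""
    if not 0 <= message_id < 0x80:  # keep the INTEGER encoding to one positive byte
        raise ValueError("messageID out of range for this minimal encoder")
    return tlv(0x30, tlv(0x02, bytes([message_id])) + protocol_op)


def starttls_request(message_id: int = 1) -> bytes:
    """ExtendedRequest [APPLICATION 23] { requestName [0] LDAPOID } asking to upgrade to TLS."""
    return tlv  # placeholder replaced below (keeps function order readable)


def starttls_request(message_id: int = 1) -> bytes:  # noqa: F811
    return ldap_message(message_id, tlv(0x77, tlv(0x80, STARTTLS_OID)))


def simple_bind_request(dn: str, password: str, message_id: int = 2) -> bytes:
    """BindRequest [APPLICATION 0] { version 3, name LDAPDN, authentication simple [0] OCTET STRING }.

    The password is a bare OCTET STRING: without TLS around the socket it
    crosses the network in the clear, which is why the bind must be secure.
    """
    body = tlv(0x02, b"\x03") + tlv(0x04, dn.encode("utf-8")) + tlv(0x80, password.encode("utf-8"))
    return ldap_message(message_id, tlv(0x60, body))


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value_start, value_end) for the TLV beginning at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length


def result_code(response: bytes) -> int:
    """resultCode from a BindResponse (0x61) or ExtendedResponse (0x78); 0 is success, 49 invalidCredentials."""
    tag, pos, _ = _read_tlv(response, 0)        # LDAPMessage SEQUENCE
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = _read_tlv(response, pos)        # skip messageID
    tag, pos, _ = _read_tlv(response, pos)      # protocolOp
    if tag not in (0x61, 0x78):
        raise ValueError(f"unexpected protocolOp tag 0x{tag:02x}")
    tag, pos, end = _read_tlv(response, pos)    # resultCode is the first LDAPResult field
    if tag != 0x0A:
        raise ValueError("expected ENUMERATED resultCode")
    return int.from_bytes(response[pos:end], "big")


def secure_bind(host: str, dn: str, password: str, mode: str = "starttls") -> int:
    """Connect, encrypt, then bind. mode 'starttls' = port 389 + StartTLS; 'ldaps' = TLS first on 636.

    create_default_context() verifies the server certificate against the
    system trust store and checks the host name, so the DC's certificate
    must chain to a CA the client trusts in both modes.
    """
    ctx = ssl.create_default_context()
    port = 389 if mode == "starttls" else 636
    sock = socket.create_connection((host, port), timeout=10)
    if mode == "starttls":
        sock.sendall(starttls_request(1))
        if result_code(sock.recv(4096)) != 0:  # assumes the reply arrives in one read
            sock.close()
            raise RuntimeError("server refused StartTLS; not binding in the clear")
    tls = ctx.wrap_socket(sock, server_hostname=host)
    tls.sendall(simple_bind_request(dn, password, 2))
    code = result_code(tls.recv(4096))
    tls.sendall(ldap_message(3, b"\x42\x00"))   # UnbindRequest [APPLICATION 2] NULL
    tls.close()
    return code


if __name__ == "__main__":
    # Placeholders: substitute your domain controller and the service account in your OU.
    print(secure_bind("dc01.example.com", "cn=svc-app,ou=ServiceAccounts,dc=example,dc=com", "placeholder-password"))
```

The `recv(4096)` reads assume each server reply arrives whole; a production client reassembles messages by BER length and would normally use a maintained LDAP library rather than this encoder. The value of the hand-built PDUs is in what they show: the same `simple_bind_request` bytes, password included, are sent in either mode, and only the TLS layer (StartTLS after connect, or LDAPS before any traffic) keeps them off the network in the clear.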