🖊️Author: Nairuz Abulhul

🌐 Blog: R3dbuck3t

Domain Controller Overview

<aside> 💡 A domain controller is a device running Active Directory along with other components. Domain controllers are described as multi-masters: every domain controller is authoritative, meaning it can respond to requests and change anything within the forest.

Domain controllers need to talk to the other domain controllers within the forest. That is why they have so many open ports.

Domains within the forest do not need to share the same DNS name (it is not a requirement), but they do need to share the same schema, configuration, and global catalog partitions.

It is important to note that being a domain admin does not entail being a local administrator on the endpoints (clients or servers). The reason is that Windows devices (clients and servers) have a layer of security separation; a domain admin needs to be added to the local Administrators group to perform local administrator tasks (local, NOT domain).

A domain controller does not need to reach out to clients or servers within the forest. Windows clients and servers need to reach out to the domain controller to get the required information, whether for authentication, Group Policy, or anything else.

</aside>

Domain Controller Components

  1. Active Directory Domain Services (AD DS): This is the core component of a domain controller, responsible for storing and managing the central database of user accounts and other directory objects, as well as providing authentication and authorization services.
  2. Domain Name System (DNS): This service is responsible for translating domain names into IP addresses, allowing users to access network resources using a friendly name rather than a numeric address.
  3. Group Policy: This component allows administrators to define and enforce security and configuration policies across the domain.
  4. Certificate Services: This component allows a domain controller to issue and manage digital certificates, which can be used for secure communication and authentication.
  5. Lightweight Directory Access Protocol (LDAP): This is a protocol used by domain controllers to communicate with other domain controllers and clients on the network.
  6. Kerberos: This is an authentication protocol used by domain controllers to verify the identity of users and devices before granting access to network resources.
  7. Network Time Protocol (NTP): This service synchronizes the time on all domain controllers and client devices in the domain, ensuring that all devices have accurate time stamps for security and audit purposes.
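As an added example (not from the original post), the PowerShell script below checks from a domain member which of the services listed above are reachable on a domain controller over TCP. The DC host name is a placeholder; the port numbers are the standard defaults for each service.

```powershell
# Added example: probe a domain controller for the services a client depends on.
# $DomainController is a placeholder; point it at a DC in your own environment.
param(
    [string]$DomainController = 'dc01.example.local'   # placeholder (assumption)
)

# Component -> default TCP port. NTP (UDP 123) is omitted because
# Test-NetConnection only probes TCP; Certificate Services enrolment runs over
# RPC/DCOM or HTTPS and has no single fixed port, so it is omitted as well.
$services = [ordered]@{
    'DNS'                         = 53
    'Kerberos'                    = 88
    'LDAP'                        = 389
    'Group Policy (SYSVOL / SMB)' = 445
    'LDAPS'                       = 636
    'Global Catalog (LDAP)'       = 3268
}

$results = foreach ($entry in $services.GetEnumerator()) {
    $probe = Test-NetConnection -ComputerName $DomainController -Port $entry.Value `
                                -WarningAction SilentlyContinue
    [pscustomobject]@{
        Service   = $entry.Key
        Port      = $entry.Value
        Reachable = $probe.TcpTestSucceeded
    }
}

$results | Format-Table -AutoSize

# A service that is not reachable is either blocked by a firewall/segmentation
# rule or not running on this DC; either way it explains authentication or
# Group Policy failures on the client before any deeper troubleshooting.
$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning ("{0} DC service(s) not reachable from {1}: {2}" -f `
        $blocked.Count, $env:COMPUTERNAME, ($blocked.Service -join ', '))
}
```

Because domain controllers do not need to initiate connections to clients (see the overview above), the same check run in the opposite direction should fail everywhere; a DC that can reach client ports is a segmentation finding, not a requirement.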

Supported Authentication Protocols

Active Directory Service

<aside> 💡 Active Directory is the authentication and authorization hub in a Windows domain network. It is a service that runs on the domain controller.

</aside>

Active Directory components: