An organizational unit (OU) is a container that logically organizes and groups Active Directory objects within domains. OUs are not part of the DNS namespace. They organize Active Directory objects into logical administrative groups. OUs therefore serve as containers in which users can create and manage Active Directory objects.

An Introduction to the Active Directory Features
With the release of Microsoft Windows Server 2003 quite a few enhancements and features were introduced that were not previously available in Windows 2000.

A group can be defined as a collection of accounts that are grouped together so that Administrators can assign permissions and rights to the group as a single entity. This removes the need for an Administrator to individually assign permissions and rights to each account.

An Overview of Forests and Domains
A domain is a collection of computers and resources that share a common security database, in this case, the Active Directory database. Computers in the domain also have a common namespace. A namespace is the hierarchical grouping of service and object names that are stored in Active Directory and DNS.

Understanding the Operations Master Roles
Active Directory operates in a multi-master replication manner. What this means is that each domain controller in the domain holds a readable, writable replica of the Active Directory data store. In multi-master replication, any domain controller is able to change objects within Active Directory.

The Limitations of the Windows NT Domain Model and Network Security
With Windows NT, domains were utilized to manage users, and to manage and secure network resources. A domain is the logical grouping of servers and network resources under a single domain name.

In the Windows NT domain model, domains had to be bound together through trust relationships simply because the SAM databases used in those domains could not be joined. What this meant was that where a domain trusted another Windows NT domain, the members of the domain could access network resources located in the other domain.

Through Group Policy, a wide variety of user and computer configuration settings can be applied to users and computers in Active Directory.

As an Administrator, ensuring the availability and reliability of the Windows Server Active Directory directory service is extremely important if you are running Active Directory within your environment. Performance problems and poor availability leads to users being unable to perform their tasks or duties within the organization.

The Global Catalog (GC) is an important component in Active Directory because it serves as the central information store of the Active Directory objects located in domains and forests.