Directory Services

Active Directory Security

Microsoft® Active Directory® is part of the Windows 2000 trusted computing base and is a full participant in the Windows 2000 security infrastructure. Every object in Active Directory is protected by its own security descriptor. The system validates any attempt to access an object or attribute in Active Directory by verifying the access rights granted by the object security descriptor.

The following topics discuss important elements of Active Directory security:

For more information and code examples, see Controlling Access to Active Directory Objects.