Microsoft has announced that a version of Active Directory lightweight version (AD LDS) of Active Directory for Windows7 is available for download. AD LDS provides directory services for directory-enabled application. Administrators will be able to use this version without the domain control oversight that is normally needed for Active Directory.
AD LDS comes with support for Windows 7 Enterprise; Windows 7 Professional; and Windows 7 Ultimate.
AD LDS independently provides directory storage and access for applications, so AD LDS uses the same standard application programming interfaces (APIs) as the full functioning Active Directory to manage and access the application data. The benefit for applications that require directory services, but do not require the complete infrastructure features of Active Directory is less overhead at the client level.
Active Directory Technologies: Full and Lightweight
- Administrators have a choice of which DS to use. Both AD LDS and AD DS use the same core directory service technologies, but they are designed to address different needs in an organization.
- Domain And Forest: The structure of AD DS allows it to be used throughout the entire forest. This provides directory services for both the Windows server operating system and for directory-enabled applications. For the server operating system, AD DS stores critical information about the network infrastructure, users and groups, network services, and so on.
- Applications: AD LDS provides directory services specifically for directory-enabled applications. AD DS domains or forests are not necessary . However, in environments where AD DS exists, AD LDS can use AD DS for the authentication of Windows security principals.
- AD LDS and AD DS can run concurrently in the same network. In addition, AD LDS can support both domain users and workgroup users simultaneously.
Directory – Enabled Applications
The directory structure is frequently preferable to a flat file data storage structure to hold its data. Many common or custom applications use a directory design. For example customer relationship management (CRM) applications, human resource (HR) applications, and global address book applications often use this directory approach.
There are other hierarchical services besides AD LDS. Relational databases is another. Both provide data storage and retrieval, but they differ in how they are optimized. Directory services are optimized for read processing, while relational databases are optimized for transaction processing. In general administrators will be in a position to implement a directory service if the application reads data more frequently than it writes data. But they should consider implementing a relational database, like SQL Server 2005, or 2008 if the application writes or modifies data more frequently than it reads data.
What else? Directory Services is very functional. They also provide such benefits as distributed architecture; another feature is identity data storage which is common to applications and platforms throughout an enterprise; a flexible data schema; and fine-grained access policies.
Using AD LDS
An instance of Active Directory Lightweight Directory Services (AD LDS) is a single running copy of AD LDS. Multiple copies of AD LDS can run simultaneously on the same computer. This is not true for AD DS, the full service. This improves availability and load balancing when instances are replicated across multiple servers. Multiple instances of AD LDS have their own separate directory, as well as a unique service name, and a unique service description that is assigned when the instance is created. Duplication or conflicts are avoided this way.
By bringing the functionality of AD LDS to Windows7, Microsoft has improved the active directory operation by focusing the services to the applications that need it without the overhead of domain controller services.