
Active Directory


Active Directory (AD)
The Windows-based directory service. Active Directory stores information about objects on a network and makes this information available to users and network administrators. Active Directory gives network users access to permitted resources anywhere on the network using a single logon process. It provides network administrators with an intuitive, hierarchical view of the network and a single point of administration for all network objects.

Domain
In Active Directory, a collection of computer, user, and group objects defined by the administrator. These objects share a common directory database, security policies, and security relationships with other domains. In DNS, any tree or subtree within the DNS namespace. Although the names of DNS domains often correspond to Active Directory domains, DNS domains should not be confused with Active Directory domains.

Forest
One or more Active Directory domains that share the same class and attribute definitions (schema), site and replication information (configuration), and forest-wide search capabilities (global catalog). Domains in the same forest are linked with two-way, transitive trust relationships.

Organisational Unit (OU)
An Active Directory container object used within domains. An organizational unit is a logical container into which users, groups, computers, and other organizational units are placed. It can contain objects only from its parent domain. An organizational unit is the smallest scope to which a Group Policy object (GPO) can be linked, or over which administrative authority can be delegated.

Global Catalog
A directory database that applications and clients can query to locate any object in a forest. The global catalog is hosted on one or more domain controllers in the forest. It contains a partial replica of every domain directory partition in the forest. These partial replicas include replicas of every object in the forest, as follows: the attributes most frequently used in search operations and the attributes required to locate a full replica of the object.

Site
One or more well-connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure Active Directory access and replication topology to take advantage of the physical network.

Domain Naming System (DNS)
A hierarchical, distributed database that contains mappings of DNS domain names to various types of data, such as IP addresses. DNS enables the location of computers and services by user-friendly names, and it also enables the discovery of other information stored in the database.
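
The OU definition above names two things that are scoped to an OU: GPO links and delegated administrative authority. The following PowerShell audit is an added example, not part of the original document, that reports both for every OU in a domain. It assumes the RSAT ActiveDirectory module and read access to the directory; the `$expected` baseline and the helper name `Get-LinkedGpo` are hypothetical and must be adapted to the environment.

```powershell
# Added example: list GPO links and explicit (non-inherited) delegations per OU.
Import-Module ActiveDirectory

# Assumed baseline of principals allowed to hold explicit rights on an OU.
# Extend it with your own domain's admin groups before relying on the output.
$expected = @(
    'NT AUTHORITY\SYSTEM',
    'NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS',
    'BUILTIN\Administrators'
)

function Get-LinkedGpo {
    param([string]$GpLink)
    # gPLink holds entries of the form [LDAP://<GPO DN>;<options>].
    # Options bit 0 set = link disabled, bit 1 set = link enforced.
    if ([string]::IsNullOrWhiteSpace($GpLink)) { return }
    foreach ($m in [regex]::Matches($GpLink, '\[LDAP://([^;\]]+);(\d+)\]')) {
        $options = [int]$m.Groups[2].Value
        [pscustomobject]@{
            GpoDn    = $m.Groups[1].Value
            Enabled  = -not ($options -band 1)
            Enforced = [bool]($options -band 2)
        }
    }
}

$report = foreach ($ou in Get-ADOrganizationalUnit -Filter * -Properties gPLink) {
    # The AD: drive is provided by the ActiveDirectory module.
    $acl = Get-Acl -Path ("AD:\" + $ou.DistinguishedName)

    # Keep only ACEs set directly on this OU that grant rights to
    # principals outside the baseline: these are the delegations.
    $delegations = $acl.Access | Where-Object {
        -not $_.IsInherited -and
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference.Value -notin $expected
    }

    [pscustomobject]@{
        OU          = $ou.DistinguishedName
        LinkedGpos  = @(Get-LinkedGpo $ou.gPLink)
        Delegations = @($delegations |
            Select-Object IdentityReference, ActiveDirectoryRights, ObjectType)
    }
}

# Show only OUs where something outside the baseline has explicit rights.
$report | Where-Object { $_.Delegations.Count -gt 0 } | Format-List
```

Default groups that receive explicit rights on new OUs will appear in the output until they are added to `$expected`, so the first run is best treated as the step that establishes the baseline.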


A well-designed Active Directory logical structure provides the following benefits:

Simplified management of Windows networks that contain large numbers of objects.

A consolidated domain structure and reduced administration costs.

The ability to delegate administrative control over resources as appropriate.

Reduced impact on network bandwidth.

Simplified resource sharing.

Optimal search performance.

Low total cost of ownership.

Better control over network resources.

Controlled desktop environment.

A well-designed Active Directory logical structure facilitates the efficient integration of features such as Group Policy, enabling desktop lockdown, software distribution, and user, group, workstation, and server administration, into your system. In addition, a carefully designed logical structure facilitates the integration of services such as Microsoft® Exchange, Lotus Domino, public key infrastructure (PKI), and domain-based distributed file system (DFS).

The AD service to be implemented at HDFC Bank Ltd must be considered as a supporting service for many other services like file & print and desktop services.

The following general (high-level) requirements regarding Active Directory exist:

1. The AD must provide the service required by the Next Generation infrastructure based on Microsoft Technology platform.

2. The AD must be scalable and flexible in order to support a smooth transition from multi forest environment to Single forest / Single Domain model.

3. AD service aligned to disaster recovery strategy.

4. AD service built according to local and Group specifications and best practices.

5. The AD infrastructure is solely managed by HDFC Bank Ltd.

6. Migration of all existing Servers and Desktops on to New Active Directory Platform.

7. Single forest architecture for HDFC Bank Ltd.

8. Control on desktop Environment and Server Environment.

9. Centralised Infrastructure Management.

10. Consolidation of infrastructure.
