A Microsoft directory service that authenticates and authorizes users and computers in a Windows domain network.
- Used by SQL Server DBAs to: Manage Windows Authentication logins and group-based access control.
- Enables centralized user management: Granting and revoking database access through AD groups rather than individual SQL logins.
- Critical for compliance: AD integration supports auditable, role-based access required by HIPAA, SOX, PCI DSS, and similar frameworks.
- SQL Server can authenticate users via: Active Directory using Kerberos or NTLM protocols.
- Common DBA use cases: Managing SQL Server service accounts, enabling AD-based login groups, and enforcing least-privilege access.
- Relevant Idera tools: SQL Secure analyzes Active Directory permissions and SQL Server security posture to identify privilege misconfigurations.
