ManageEngine ADManager Plus :: Help Documentation
ManageEngine ADManager Plus :: Help Documentation
ManageEngine ADManager Plus :: Help Documentation
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Active Directory Terminologies<br />
<strong>ManageEngine</strong> <strong>ADManager</strong> <strong>Plus</strong> :: <strong>Help</strong> <strong>Documentation</strong><br />
Some of the commonly used Active Directory terminologies and their definitions are<br />
given below:<br />
Discretionary Access Control Lists (DACLs) - The part of the security descriptor of<br />
the Active Directory object that grants or denies access to the object. Only the owner of<br />
the object can change the permissions in the DACL.<br />
System Access Control Lists (SACLs) - The part of the security descriptor of the<br />
Active Directory objects that specify the events, such as file access, system shutdowns,<br />
and so on, that have to be audited on a per-user or per-group basis.<br />
Access Control Entries (ACEs) - An entry in the object's access control lists that<br />
determines security principles and the permissions associated with it.<br />
Security Identifiers (SIDs) - A unique number associated with each User account,<br />
Group, and Computer account. The Windows internal processes refer to these SIDs<br />
rather than the account or group names to uniquely identify these objects.<br />
Security Descriptors - The data structure associated with the Active Directory object<br />
that specifies the permissions granted or denied to the users and groups (DACL) and the<br />
owner of the object. It also specifies the events that have to be audited (SACL).<br />
Security Principals - Active Directory objects, such as Users, Groups, and Computers,<br />
that have an Security ID associated with it is referred to as Security Principals.<br />
ZOHO Corp. 13