The following terms will help you better understand some of the concepts in this article. Most, though not all, pertain specifically to Windows 2000's (Win2K's) Active Directory (AD).

Schema. The schema is a description of the object classes and their attributes that the AD stores. The schema defines each attribute an object class must have, additional attributes it can have, and the object classes that can be its parent.

Tree. A tree comprises multiple domains that trust relationships connect and that share a common schema and configuration, forming a contiguous namespace. The AD is a set of one or more trees.

Forest. A forest is a set of one or more trees that don't form a contiguous namespace but do share a common configuration, schema, and Global Catalog (GC). All trees within a forest trust one another through transitive, hierarchical Kerberos trust relationships. Forests don't need distinctive names because they exist as a set of cross-referenced objects and Kerberos trust relationships known to their member trees.

Global Catalog. The GC contains a partial replica of every user-naming context in the directory, as well as schema- and configuration-naming contexts. The GC contains attributes that users most frequently use in search operations (e.g., a user's first and last name). Thus, the GC lets users quickly locate objects without needing to know what domain holds them. The AD replication system automatically builds the GC.

Globally unique ID. A globally unique ID (GUID) is a unique 128-bit number that the system assigns to objects after it creates them. This number never changes, even if the system renames or moves the object. An algorithm generates the GUID and guarantees it is unique.