Containers and Leaves

Active Directory treats all parts of the network as objects. Objects come in three distinct flavors: Resources (printers, network storage, etc), Users (individual user accounts and user groups), and Services (email, etc.). Objects can also contain other objects – in fact this is the main infrastructure of Active Directory. It is heirarchical. Objects that contain other objects are called Containers, and objects that can contain no other objects (such as an individual user) are called leaf objects or leaves. Active Directory Domain Services contain a hierarchy of objects in which every object instance, except the root of the directory hierarchy, is contained by some other object. rules, in the Active Directory Schema, determine which object classes can contain instances of which other object classes.

Except for schema objects, that is, the classSchema or attributeSchema objects that define the classes and attributes that can exist in a server forest, any object in Active Directory Domain Services may be a container.

There are two types of containers :

• Default Container Objects : Computers, Users, BuiltIn and ForeignSecurityPrincipals

• Generic and Created Container Objects such as Site, Domain, Organizational Unit (OU)

More info :

https://www.brighthub.com/computing/windows-platform/articles/33795.aspxwww.brighthub.com

Conteneurs et feuilles - Win32 appsdocsmsft