Active Directory uses both DNS and LDAP to communicate with clients. Clients use DNS to find Active Directory servers (they look up SRV records such as _ldap._tcp.dc._msdcs.domain, which list the domain controllers for a domain together with their ports) and LDAP to query those servers. (As discussed previously, the DNS used with Active Directory may be an independent server or may be integrated with Active Directory.) In addition, Active Directory uses Kerberos for authentication (for instance, to authenticate clients that perform dynamic DNS updates).
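As an added example (not code from the book or from Microsoft), the following Python script shows the DNS side of this exchange: a client builds an SRV query for _ldap._tcp.dc._msdcs.<domain>, parses the answer, and orders the domain controllers it gets back by priority and weight as RFC 2782 specifies. The DNS server is simulated by fake_dns_server, which serves constructed records for the made-up domain example.test, so the script runs offline; the host names, weights and the fake-server function are assumptions made for the illustration.

```python
"""Added example: how an Active Directory client finds domain controllers
through DNS SRV records (standard library only; DNS server is simulated)."""
import random
import struct

QTYPE_SRV = 33
QCLASS_IN = 1


def encode_name(name):
    """Encode a dotted name as DNS labels, uncompressed."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_srv_query(name, txid=0x1234):
    """Standard recursive query (RD=1) with one SRV question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_SRV, QCLASS_IN)


def decode_name(data, offset):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end = [], False, None
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            pointer = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if jumped else offset)


def parse_srv_response(data):
    """Return [(priority, weight, port, target), ...]; raise on an error RCODE."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", data[:12])
    if flags & 0x000F:  # NXDOMAIN, SERVFAIL, ... : no usable answer
        raise ValueError("DNS error, rcode=%d" % (flags & 0xF))
    offset = 12
    for _ in range(qd):  # skip the echoed question section
        _, offset = decode_name(data, offset)
        offset += 4
    records = []
    for _ in range(an):
        _, offset = decode_name(data, offset)
        rtype, _, _, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        if rtype == QTYPE_SRV:
            prio, weight, port = struct.unpack("!HHH", data[offset:offset + 6])
            target, _ = decode_name(data, offset + 6)
            records.append((prio, weight, port, target))
        offset += rdlen
    return records


def fake_dns_server(query):
    """Simulated AD-integrated zone; all records here are constructed data."""
    txid = struct.unpack("!H", query[:2])[0]
    qname, qend = decode_name(query, 12)
    question = query[12:qend + 4]
    zone = {
        "_ldap._tcp.dc._msdcs.example.test": [
            (0, 100, 389, "dc1.example.test"),
            (0, 50, 389, "dc2.example.test"),
            (10, 100, 389, "dc-backup.example.test"),
        ],
        "_kerberos._tcp.dc._msdcs.example.test": [
            (0, 100, 88, "dc1.example.test"),
            (0, 100, 88, "dc2.example.test"),
        ],
    }
    answers = zone.get(qname)
    if answers is None:  # flags 0x8183: response, RD, RA, RCODE 3 (NXDOMAIN)
        return struct.pack("!HHHHHH", txid, 0x8183, 1, 0, 0, 0) + question
    body = b""
    for prio, weight, port, target in answers:
        rdata = struct.pack("!HHH", prio, weight, port) + encode_name(target)
        # 0xC00C points back at the question name (offset 12)
        body += b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_SRV, QCLASS_IN, 600, len(rdata)) + rdata
    return struct.pack("!HHHHHH", txid, 0x8180, 1, len(answers), 0, 0) + question + body


def order_targets(records, rng=random):
    """RFC 2782 ordering: lowest priority first, weighted random within it."""
    ordered = []
    for prio in sorted({r[0] for r in records}):
        pool = [r for r in records if r[0] == prio]
        while pool:
            total = sum(r[1] for r in pool)
            pick = rng.randint(0, total) if total else 0
            running = 0
            for r in pool:
                running += r[1]
                if running >= pick:
                    ordered.append(r)
                    pool.remove(r)
                    break
    return ordered


def locate_domain_controllers(domain, resolve=fake_dns_server, rng=random):
    """What a client does at logon: which (host, port) pairs to try, in order."""
    reply = resolve(build_srv_query("_ldap._tcp.dc._msdcs." + domain))
    return [(t, p) for _, _, p, t in order_targets(parse_srv_response(reply), rng)]


if __name__ == "__main__":
    for host, port in locate_domain_controllers("example.test"):
        print("try LDAP on %s:%d" % (host, port))
```

To run this against a real zone, replace fake_dns_server with a function that sends the query bytes over UDP port 53 and returns the reply. The point for a firewall design is visible in the data: whichever domain controllers the DNS answer names are where the client's LDAP and Kerberos traffic goes next, so the DNS path and the LDAP/Kerberos paths have to be permitted (and protected) together.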
To distribute information between servers, Active Directory can use either RPC or SMTP. RPC is the default mechanism, and it is used for all communications within a single site. SMTP can only be used between sites, and even then only for the schema and configuration information and for the global catalog's copies of other domains' data; replication of a domain's own data among its domain controllers, all of which can modify the same objects, always uses RPC. Whichever mechanism is used, the replication traffic is authenticated and encrypted, but the two transports do it differently: RPC replication relies on Kerberos between the domain controllers, while SMTP replication signs and encrypts each message, so the replicating servers need certificates for each other (in practice, this requires an enterprise certification authority).
Active Directory uses valid electronic mail messages when it is transferring data via SMTP. There is no need for the replicating servers to communicate with each other directly; the messages can be routed like any other electronic mail. SMTP is not a particularly efficient or rapid method of transferring the data, but it is extremely flexible, and it is easier to provide securely through a firewall than RPC. Active Directory does try to maximize efficiency on links between sites (no matter which transport is in use) by transmitting only changes and compressing the data.
The firewall characteristics of DNS and LDAP are discussed earlier in this chapter, Kerberos is discussed in Chapter 21, "Authentication and Auditing Services", RPC is discussed in Chapter 14, "Intermediary Protocols", and SMTP is discussed in Chapter 16, "Electronic Mail and News".