What database Active directory contains?
- 5 Answers
- 21666 Views
- HP, IBM, Infosys, Infotech, Symantec, I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / ashok
Active Directory data store, the actual database file, is %
SystemRoot%\ntds\NTDS.DIT. The ntds.dit file is the heart
of Active Directory including user accounts. Active
Directory's database engine is the Extensible Storage
Engine ( ESE ) which is based on the Jet database used by
Exchange 5.5 and WINS. The ESE has the capability to grow
to 16 terabytes which would be large enough for 10 million
objects. Back to the real world. Only the Jet database can
maniuplate information within the AD datastore.
The Active Directory ESE database, NTDS.DIT, consists of
the following tables:
Schema table
the types of objects that can be created in the Active
Directory, relationships between them, and the optional and
mandatory attributes on each type of object. This table is
fairly static and much smaller than the data table.
Link table
contains linked attributes, which contain values referring
to other objects in the Active Directory. Take the MemberOf
attribute on a user object. That attribute contains values
that reference groups to which the user belongs. This is
also far smaller than the data table.
Data table
users, groups, application-specific data, and any other
data stored in the Active Directory. The data table can be
thought of as having rows where each row represents an
instance of an object such as a user, and columns where
each column represents an attribute in the schema such as
GivenName.
From a different perspective, Active Directory has three
types of data
Schema information
definitional details about objects and attributes that one
CAN store in the AD. Replicates to all domain controllers.
Static in nature.
Configuration information
configuration data about forest and trees. Replicates to
all domain controllers. Static as your forest is.
Domain information
object information for a domain. Replicates to all domain
controllers within a domain. The object portion becomes
part of Global Catalog. The attribute values (the actual
bulk of data) only replicates within the domain.
Although GUIDs are unique, they are large. AD uses
distinguished name tag ( DNT ). DNT is a 4-byte DWORD value
which is incremented when a new object is created in the
store. The DNT represents the object's database row number.
It is an example of a fixed column. Each object's parent
relationship is stored as a parent distinguished name tag (
PDNT ). Resolution of parent-child relationships is
optimized because the DNT and PDNT are indexed fields in
the database.
The size of ntds.dit will often be different sizes across
the domain controllers in a domain. Remember that Active
Directory is a multi-master independent model where updates
are occuring in each of the ADs with the changes being
replicated over time to the other domain controllers. The
changed data is replicated between domain controllers, not
the database, so there is no guarantee that the files are
going to be the same size across all domain controllers.
Active Directory routinely performs online database
defragmentation, but this is limited to the disposal of
tombstoned objects. The database file cannot be compacted
while Active Directory is mounted. An ntds.dit file that
has been defragmented offline ( compacted ), can be much
smaller than the ntds.dit file on its peers. To defrag
ntds.dit offline
| Is This Answer Correct ? | 24 Yes | 1 No |
Answer / praveen kumar reddy.ch
AD contain NTDS.DIT file it is database of Active director.
so all information will store in NTDS.DIT(new techonologe
directory services.directory information tree)
| Is This Answer Correct ? | 9 Yes | 4 No |
Answer / pinaki dey
active directory stored in sysvol and ntds.
sysvol hold schema records,
ntds holds database,
active directory = registry+database
| Is This Answer Correct ? | 5 Yes | 1 No |
Answer / srinivas
it is user identity,computers,groups,services and resourses.it provides user logon and authentication services using KERBEROS protocol. it contains centralized database and centralized management.
| Is This Answer Correct ? | 0 Yes | 0 No |
what purpose we are using the ARP ? what purposes we are using ip config?
What is shadow it?
What are the vulnerabilities according to the extended CERT Taxonomy?
What is the sense of a fingerprint?
What is the idea behind the Bell-La Padula model?
What is the difference between ripv1 & ripv2?
How long can a ddos attack last?
What is a security policy?
What are manageable and non manageable switches?
What is the difference between cybersecurity and information security?
What protects the Clark Wilson model?
How to implement PIX firewall security?
Networking Protocols 
