What database does Active Directory contain?

Answer Posted / ashok


The Active Directory data store, the actual database file, is
%SystemRoot%\ntds\NTDS.DIT. The ntds.dit file is the heart
of Active Directory, including user accounts. Active
Directory's database engine is the Extensible Storage
Engine (ESE), which is based on the Jet database used by
Exchange 5.5 and WINS. The ESE has the capability to grow
to 16 terabytes, which would be large enough for 10 million
objects. Back to the real world. Only the Jet database can
manipulate information within the AD datastore.

The Active Directory ESE database, NTDS.DIT, consists of
the following tables:

Schema table: the types of objects that can be created in the
Active Directory, relationships between them, and the optional and
mandatory attributes on each type of object. This table is
fairly static and much smaller than the data table.

Link table: contains linked attributes, which contain values
referring to other objects in the Active Directory. Take the MemberOf
attribute on a user object. That attribute contains values
that reference groups to which the user belongs. This is
also far smaller than the data table.

Data table: users, groups, application-specific data, and any other
data stored in the Active Directory. The data table can be
thought of as having rows where each row represents an
instance of an object such as a user, and columns where
each column represents an attribute in the schema such as
GivenName.

From a different perspective, Active Directory has three
types of data:

Schema information: definitional details about objects and
attributes that one CAN store in the AD. Replicates to all domain
controllers. Static in nature.

Configuration information: configuration data about forest and
trees. Replicates to all domain controllers. Static as your forest is.

Domain information: object information for a domain. Replicates to
all domain controllers within a domain. The object portion becomes
part of the Global Catalog. The attribute values (the actual
bulk of data) only replicate within the domain.

Although GUIDs are unique, they are large. AD uses a
distinguished name tag (DNT). The DNT is a 4-byte DWORD value
which is incremented when a new object is created in the
store. The DNT represents the object's database row number.
It is an example of a fixed column. Each object's parent
relationship is stored as a parent distinguished name tag
(PDNT). Resolution of parent-child relationships is
optimized because the DNT and PDNT are indexed fields in
the database.

The size of ntds.dit will often differ across
the domain controllers in a domain. Remember that Active
Directory is a multi-master independent model where updates
are occurring in each of the ADs with the changes being
replicated over time to the other domain controllers. The
changed data is replicated between domain controllers, not
the database, so there is no guarantee that the files are
going to be the same size across all domain controllers.

Active Directory routinely performs online database
defragmentation, but this is limited to the disposal of
tombstoned objects. The database file cannot be compacted
while Active Directory is mounted. An ntds.dit file that
has been defragmented offline (compacted) can be much
smaller than the ntds.dit file on its peers. To defrag
ntds.dit offline

Is This Answer Correct ?    24 Yes 1 No
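
The DNT/PDNT parent-child resolution described in the answer above, as an added example that is not part of the original answer or of Active Directory's own code: a simplified in-memory model of the data table with indexes on both fields. The field names, the sample rows, and the use of 0 as the root parent are assumptions made for illustration.

```python
# Simplified model of the ntds.dit data table: each row is keyed by its DNT
# and points at its parent through PDNT. Field names and rows are constructed
# for illustration; this is not the real ESE column layout.
from collections import defaultdict

ROWS = [  # (dnt, pdnt, rdn) - constructed sample data
    (2, 0, "DC=com"),
    (3, 2, "DC=example"),
    (4, 3, "OU=Staff"),
    (5, 4, "CN=Alice"),
    (6, 4, "CN=Bob"),
    (9, 8, "CN=Orphan"),  # parent row 8 does not exist
]
ROOT_PDNT = 0  # assumption: 0 marks "no parent" in this model

class DataTable:
    def __init__(self, rows):
        self.by_dnt = {}                  # index on DNT
        self.by_pdnt = defaultdict(list)  # index on PDNT
        for dnt, pdnt, rdn in rows:
            self.by_dnt[dnt] = (pdnt, rdn)
            self.by_pdnt[pdnt].append(dnt)

    def distinguished_name(self, dnt):
        """Walk PDNT links up to the root, joining RDNs child-first."""
        parts, seen = [], set()
        while dnt != ROOT_PDNT:
            if dnt in seen:
                raise ValueError(f"PDNT cycle at DNT {dnt}")
            if dnt not in self.by_dnt:
                raise LookupError(f"missing row for DNT {dnt}")
            seen.add(dnt)
            pdnt, rdn = self.by_dnt[dnt]
            parts.append(rdn)
            dnt = pdnt
        return ",".join(parts)

    def children(self, dnt):
        """One lookup in the PDNT index instead of a scan of every row."""
        return sorted(self.by_pdnt.get(dnt, []))

    def orphans(self):
        """Rows whose parent DNT is absent: a basic consistency check."""
        return sorted(d for d, (p, _) in self.by_dnt.items()
                      if p != ROOT_PDNT and p not in self.by_dnt)

if __name__ == "__main__":
    table = DataTable(ROWS)
    print(table.distinguished_name(5), table.children(4), table.orphans())
```
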


