Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Networking >> Networking Security
  2. Suggest New Category

What database Active directory contains?

Question Posted / ashok

Answer Posted / ashok


Active Directory data store, the actual database file, is %
SystemRoot%\ntds\NTDS.DIT. The ntds.dit file is the heart
of Active Directory including user accounts. Active
Directory's database engine is the Extensible Storage
Engine ( ESE ) which is based on the Jet database used by
Exchange 5.5 and WINS. The ESE has the capability to grow
to 16 terabytes which would be large enough for 10 million
objects. Back to the real world. Only the Jet database can
maniuplate information within the AD datastore.

The Active Directory ESE database, NTDS.DIT, consists of
the following tables:

Schema table
the types of objects that can be created in the Active
Directory, relationships between them, and the optional and
mandatory attributes on each type of object. This table is
fairly static and much smaller than the data table.
Link table
contains linked attributes, which contain values referring
to other objects in the Active Directory. Take the MemberOf
attribute on a user object. That attribute contains values
that reference groups to which the user belongs. This is
also far smaller than the data table.
Data table
users, groups, application-specific data, and any other
data stored in the Active Directory. The data table can be
thought of as having rows where each row represents an
instance of an object such as a user, and columns where
each column represents an attribute in the schema such as
GivenName.
From a different perspective, Active Directory has three
types of data

Schema information
definitional details about objects and attributes that one
CAN store in the AD. Replicates to all domain controllers.
Static in nature.
Configuration information
configuration data about forest and trees. Replicates to
all domain controllers. Static as your forest is.
Domain information
object information for a domain. Replicates to all domain
controllers within a domain. The object portion becomes
part of Global Catalog. The attribute values (the actual
bulk of data) only replicates within the domain.
Although GUIDs are unique, they are large. AD uses
distinguished name tag ( DNT ). DNT is a 4-byte DWORD value
which is incremented when a new object is created in the
store. The DNT represents the object's database row number.
It is an example of a fixed column. Each object's parent
relationship is stored as a parent distinguished name tag (
PDNT ). Resolution of parent-child relationships is
optimized because the DNT and PDNT are indexed fields in
the database.

The size of ntds.dit will often be different sizes across
the domain controllers in a domain. Remember that Active
Directory is a multi-master independent model where updates
are occuring in each of the ADs with the changes being
replicated over time to the other domain controllers. The
changed data is replicated between domain controllers, not
the database, so there is no guarantee that the files are
going to be the same size across all domain controllers.

Active Directory routinely performs online database
defragmentation, but this is limited to the disposal of
tombstoned objects. The database file cannot be compacted
while Active Directory is mounted. An ntds.dit file that
has been defragmented offline ( compacted ), can be much
smaller than the ntds.dit file on its peers. To defrag
ntds.dit offline

Is This Answer Correct ?    24 Yes 1 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

Diff bet ripv1 & ripv2?

987

What is site-to-site vpn?

963

What is RIS?

1041

Explain for a small lan which class of addressing is used?

973

Difference between the communication and transmission.

997

How long can a ddos attack last?

1229

What is a Smart Card or Chip Card or Integrated Circuit Card (ICC)?

983

How do we do authentication with message digest(md5)?

974

What are Digrams and Trigrams

1151

What are the main components of the CERT Taxonomy?

3970

Explain what is the role of single sign on in authentication technologies?

1063

What factors would you consider before deploying a web intrusion detection system?

978

What is malware?

1022

What is the sense of a fingerprint?

1084

How does network security work?

986