Active Directory Domain Services (AD DS) has both physical and logical components. Physically, data is stored in the NTDS.dit file on domain controllers which replicate this data. Logically, the directory is partitioned with separate schema, configuration, domain and application partitions that each replicate independently. The schema defines object classes and attributes. Domains and domain trees group objects under a common namespace with transitive trust. Multiple domain trees make up a forest with a shared schema and configuration. Sites represent the physical network topology to optimize replication.
1. AD DS COMPONENTS
AD DS contains two types of components:
Physical components
Logical components
2. PHYSICAL COMPONENT
Data Store
All data related to AD DS is stored in a single file, NTDS.dit.
This file holds the directory information for users,
services and application management. It is located in the
C:\Windows\NTDS folder.
Domain Controllers
A domain controller is a server in a domain that provides Active Directory
services to the network. It holds the AD DS database
and is used to manage user accounts and network resources.
Global Catalog Server
It is a domain controller that holds information about the
Active Directory objects of all domains in a forest.
Read-Only Domain Controller (RODC)
4. PARTITION
The Active Directory database is logically separated into directory partitions:
Schema partition:- Only one schema partition exists per forest. The schema
partition is stored on all domain controllers in a forest. The schema partition
contains definitions of all objects and attributes that you can create in the
directory, and the rules for creating and manipulating them.
Configuration partition:- There is only one configuration partition per forest.
Stored on all domain controllers in a forest, the configuration partition
contains information about the forest-wide Active Directory structure, including
which domains and sites exist, which domain controllers exist in each domain,
and which services are available. Configuration information is replicated to all
domain controllers in a forest.
Domain partition:- Many domain partitions can exist per forest. Domain
partitions are stored on each domain controller in a given domain. A domain
partition contains information about users, groups, computers and
organizational units. The domain partition is replicated to all domain controllers
of that domain.
Application partition:- Application partitions store information about
applications in Active Directory. Each application determines how it stores,
categorizes, and uses its application-specific information.
Each partition is a unit of replication, and each partition has its own
replication topology.
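As an added worked example (not part of the original slides), the following Python classifies the naming contexts a domain controller advertises in its RootDSE entry into the four partition types listed above and states the replication scope of each. The RootDSE attribute names (namingContexts, defaultNamingContext, schemaNamingContext, configurationNamingContext, rootDomainNamingContext) are the real ones a DC returns; the LDIF text and the forest name corp.example are constructed sample data.

```python
# Constructed sample: what an anonymous RootDSE read against one DC of the
# hypothetical forest corp.example might return, rendered as LDIF.
# The DC also hosts the two DNS application partitions.
ROOTDSE_LDIF = """\
dn:
defaultNamingContext: DC=corp,DC=example
schemaNamingContext: CN=Schema,CN=Configuration,DC=corp,DC=example
configurationNamingContext: CN=Configuration,DC=corp,DC=example
rootDomainNamingContext: DC=corp,DC=example
namingContexts: DC=corp,DC=example
namingContexts: CN=Configuration,DC=corp,DC=example
namingContexts: CN=Schema,CN=Configuration,DC=corp,DC=example
namingContexts: DC=DomainDnsZones,DC=corp,DC=example
namingContexts: DC=ForestDnsZones,DC=corp,DC=example
"""

# Replication scope of each partition type, as described in the slide.
REPLICATION_SCOPE = {
    "schema": "every domain controller in the forest",
    "configuration": "every domain controller in the forest",
    "domain": "every domain controller in that domain",
    "application": "only the domain controllers enrolled as replicas",
}


def parse_ldif_entry(text):
    """Parse one LDIF entry into {attribute: [values]} (multi-valued aware)."""
    attrs = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        attrs.setdefault(name.strip(), []).append(value.strip())
    return attrs


def classify_partitions(rootdse):
    """Map every advertised naming context to its partition type.

    Schema, configuration and the DC's own domain NC are identified by the
    well-known RootDSE attributes; any other NC the DC hosts (for example
    DomainDnsZones / ForestDnsZones) is an application partition.
    """
    schema = rootdse["schemaNamingContext"][0]
    config = rootdse["configurationNamingContext"][0]
    domain = rootdse["defaultNamingContext"][0]
    result = {}
    for nc in rootdse["namingContexts"]:
        if nc == schema:
            result[nc] = "schema"
        elif nc == config:
            result[nc] = "configuration"
        elif nc == domain:
            result[nc] = "domain"
        else:
            result[nc] = "application"
    return result


def partition_report(ldif_text):
    """Return [(naming context, type, replication scope)] for a RootDSE entry."""
    kinds = classify_partitions(parse_ldif_entry(ldif_text))
    return [(nc, kind, REPLICATION_SCOPE[kind]) for nc, kind in kinds.items()]


if __name__ == "__main__":
    for nc, kind, scope in partition_report(ROOTDSE_LDIF):
        print(f"{kind:13} {nc:55} replicates to {scope}")
```

The same classification works against a live DC by replacing ROOTDSE_LDIF with the output of an LDAP base-scope search of the empty DN, which any LDAP client can perform; comparing the result across DCs shows which application partitions each one actually hosts.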
5. SCHEMA
The Microsoft Active Directory schema contains
formal definitions of every object class that can be
created in an Active Directory forest. The schema
also contains formal definitions of every attribute
that can exist in an Active Directory object.
The following types of classes are defined by Active
Directory.
Structural Classes
Abstract Classes
Auxiliary Classes
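The category of a class is recorded in the objectClassCategory attribute of its classSchema object (1 = structural, 2 = abstract, 3 = auxiliary; a value of 0 marks the older "88 class" type, which the slide does not list but which also appears in the AD schema, for example on person and organizationalPerson). The following Python, added here as an example and not part of the original slides, groups a constructed subset of schema entries by category and applies one of the creation rules the schema enforces: an object can only instantiate a structural class, and the structural classes in its objectClass list must form a single inheritance chain. The class names and categories match well-known AD classes, but the list is sample data rather than a live schema read.

```python
# Meaning of the objectClassCategory attribute on classSchema objects.
CATEGORY_NAMES = {0: "88 class", 1: "structural", 2: "abstract", 3: "auxiliary"}

# Constructed subset of classSchema entries (lDAPDisplayName, category,
# subClassOf). In the AD schema, top is its own superclass.
SCHEMA_SAMPLE = [
    {"lDAPDisplayName": "top", "objectClassCategory": 2, "subClassOf": "top"},
    {"lDAPDisplayName": "person", "objectClassCategory": 0, "subClassOf": "top"},
    {"lDAPDisplayName": "organizationalPerson", "objectClassCategory": 0, "subClassOf": "person"},
    {"lDAPDisplayName": "user", "objectClassCategory": 1, "subClassOf": "organizationalPerson"},
    {"lDAPDisplayName": "computer", "objectClassCategory": 1, "subClassOf": "user"},
    {"lDAPDisplayName": "group", "objectClassCategory": 1, "subClassOf": "top"},
    {"lDAPDisplayName": "organizationalUnit", "objectClassCategory": 1, "subClassOf": "top"},
    {"lDAPDisplayName": "securityPrincipal", "objectClassCategory": 3, "subClassOf": "top"},
    {"lDAPDisplayName": "mailRecipient", "objectClassCategory": 3, "subClassOf": "top"},
]


def group_by_category(entries):
    """Return {category name: sorted class names} for a list of classSchema entries."""
    grouped = {name: [] for name in CATEGORY_NAMES.values()}
    for e in entries:
        kind = CATEGORY_NAMES.get(e["objectClassCategory"])
        if kind is None:
            raise ValueError(f"unknown objectClassCategory on {e['lDAPDisplayName']}")
        grouped[kind].append(e["lDAPDisplayName"])
    return {k: sorted(v) for k, v in grouped.items()}


def superclass_chain(name, schema):
    """Walk subClassOf from a class up to top, inclusive."""
    chain = [name]
    while name != "top":
        name = schema[name]["subClassOf"]
        chain.append(name)
    return chain


def instantiated_structural_class(object_class_values, entries):
    """Return the most-derived structural class an object with the given
    objectClass values would instantiate, or None if the combination is not
    creatable (no structural class, or two unrelated structural classes)."""
    schema = {e["lDAPDisplayName"]: e for e in entries}
    unknown = [c for c in object_class_values if c not in schema]
    if unknown:
        raise ValueError(f"classes not in schema: {unknown}")
    structural = [c for c in object_class_values if schema[c]["objectClassCategory"] == 1]
    for candidate in structural:
        # The most-derived class is the one whose superclass chain covers
        # every other structural class listed on the object.
        if set(structural) <= set(superclass_chain(candidate, schema)):
            return candidate
    return None


if __name__ == "__main__":
    for kind, names in group_by_category(SCHEMA_SAMPLE).items():
        print(f"{kind:11}: {', '.join(names) or '-'}")
    for classes in (["top", "person", "organizationalPerson", "user", "computer"],
                    ["top", "securityPrincipal"],
                    ["top", "user", "group"]):
        print(classes, "->", instantiated_structural_class(classes, SCHEMA_SAMPLE))
```

Auxiliary classes such as securityPrincipal show up in the objectClass list of users, groups and computers alongside their structural class; on their own they are never creatable, which is what the None results express.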
6. DOMAIN
A domain is a logical group of objects that are
managed from a centralized location.
One or more of the computers in a domain are servers. Network
administrators use servers to control the security
and permissions for all computers in the domain.
This makes changes easy to make, because the
changes are applied automatically to all computers.
7. DOMAIN TREE
The domain tree is a hierarchy of domains in AD
DS. The first domain created is the root domain.
In a domain tree, all domains share a common, or
contiguous, namespace.
In a domain tree the domains have transitive trust
with the other domains in the tree.
8. FOREST
The forest is the outermost boundary of directory
services.
The forest is a collection of domains or domain trees
that share a common directory schema and
configuration of the directory service.
There are two types of forest topologies:
Single forest
Multiple forest
9. SITES
Sites in Active Directory® represent the physical
structure, or topology, of the network. Active
Directory uses topology information, stored as site
and site link objects in the directory, to build the
most efficient replication topology. You use Active
Directory Sites and Services to define sites and site
links. A site is a set of well-connected subnets.
Sites differ from domains; sites represent the
physical structure of the network, while domains
represent the logical structure of the organization.
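To make the site concept concrete, here is an added Python example (not from the slides) of the two calculations that the site and subnet objects exist to support: mapping a client address to its site by longest-prefix match over the subnet objects, as the DC locator does, and finding the least-cost route between sites over site links, which is a simplified version of what the KCC's inter-site topology generator does when it builds the replication topology. The site names, subnets and link costs are constructed sample data.

```python
import heapq
import ipaddress

# Constructed subnet objects (as found under CN=Subnets in the configuration
# partition): prefix -> siteObject. Branch-A-Lab is a more specific subnet
# carved out of Branch-A's range.
SUBNETS = {
    "10.1.0.0/16": "HQ",
    "10.2.0.0/16": "Branch-A",
    "10.2.50.0/24": "Branch-A-Lab",
    "10.3.0.0/16": "Branch-B",
}

# Constructed site link objects: (name, sites joined by the link, cost).
SITE_LINKS = [
    ("HQ-BranchA", {"HQ", "Branch-A"}, 100),
    ("HQ-BranchB", {"HQ", "Branch-B"}, 100),
    ("BranchA-BranchB", {"Branch-A", "Branch-B"}, 300),
    ("BranchA-Lab", {"Branch-A", "Branch-A-Lab"}, 50),
]


def site_for_address(ip, subnets=SUBNETS):
    """Return the site whose most specific subnet contains ip, or None.

    None is the case AD reports as a client with no site, which is
    worth alerting on because such clients may authenticate against a
    distant domain controller."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnets.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def cheapest_path(src, dst, links=SITE_LINKS):
    """Dijkstra over site links with bridging assumed (all links transitive).
    Returns (total cost, [sites on the path]) or (None, None) if unreachable."""
    graph = {}
    for _, sites, cost in links:
        for a in sites:
            for b in sites:
                if a != b:
                    graph.setdefault(a, []).append((b, cost))
    dist, prev = {src: 0}, {}
    heap = [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if node == dst:
            break
        if d > dist.get(node, float("inf")):
            continue
        for nxt, cost in graph.get(node, []):
            nd = d + cost
            if nd < dist.get(nxt, float("inf")):
                dist[nxt], prev[nxt] = nd, node
                heapq.heappush(heap, (nd, nxt))
    if dst not in dist:
        return None, None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return dist[dst], path[::-1]


if __name__ == "__main__":
    for ip in ("10.2.50.7", "10.2.1.1", "192.168.1.5"):
        print(ip, "->", site_for_address(ip))
    print(cheapest_path("Branch-A-Lab", "Branch-B"))
```

The lab subnet wins over the broader branch range because of the longer prefix, and the lab reaches Branch-B through HQ (cost 250) rather than over the expensive direct link (cost 350), which is exactly the kind of decision the site link costs are meant to drive.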