Create an Application Directory Partition

Applies To: Windows Server 2008

You can use Ldp.exe to manually add a new application directory partition to an existing instance of Active Directory Lightweight Directory Services (AD LDS).

Membership in the AD LDS Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To add an application directory partition to an existing AD LDS instance

  1. To open Ldp, click Start, point to Run, type ldp, and then click OK.

  2. Connect and bind to an AD LDS instance. For more information, see Manage an AD LDS Instance Using Ldp.exe.

  3. On the Browse menu, click Add child.

  4. In Dn, type a distinguished name for the application partition.

Note

Ensure that you type a valid application directory partition name that meets the established DNS name conventions and the current schema's rangeUpper constraints. For more information, see article 909264 (https://go.microsoft.com/fwlink/?LinkID=106629) and article 556086 (https://go.microsoft.com/fwlink/?LinkId=155079) in the Microsoft Knowledge Base.

  1. Under Edit entry, type ObjectClass in the Attribute box and domainDNS in the Values box, and then click Enter.

  2. Under Edit entry, type instanceType in the Attribute box and 5 in the Values box, and then click Enter.

  3. Click Run.

    After the new application directory partition is added, the following information appears in the details pane:

    Added {distinguished name}

    where distinguished name is the distinguished name that you typed in step 3.

  4. Click Close.

Note

Application directory partitions can be of any object class, but they must have a value of 5 for the instanceType attribute.

For more information, see Ldp.

Note

The following default containers are created for every new AD LDS application directory partition:

  • CN=LostAndFound – stores objects that were orphaned due to replication conflicts

  • CN=NTDS Quotas – stores quota information for the AD LDS objects

  • CN=Roles – stores default AD LDS groups