Understanding ADAM architecture

Applies To: Windows Server 2003 R2

Architecture

Active Directory Application Mode (ADAM) uses the same architecture—and even the same code base—as Active Directory. ADAM provides a hierarchical data store, a directory service component, and interfaces that clients can use to communicate with the directory service. ADAM can run on any computer running Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition; or Windows XP Professional. ADAM does not require a domain controller or a DNS server. For information about considerations when running ADAM on Windows XP Professional, see Running ADAM on Windows XP Professional.

The following table lists the basic ADAM components, along with their Active Directory counterparts.

| Component | ADAM | Active Directory | Purpose |
| --- | --- | --- | --- |
| Directory data store | Adamntds.dit | Ntds.dit | Provides a hierarchical data store for directory data. |
| Directory service | Dsamain.exe, Adamdsa.dll | Ntdsa.dll (Runs within Lsass.exe) | Processes requests from directory clients and other directory services. |
| Directory service interfaces | Lightweight Directory Access Protocol (LDAP), replication | LDAP, replication, Messaging API (MAPI) | Provide interfaces to the directory service for making directory-related requests. |
| Directory server | Windows Server 2003, Windows XP Professional | Microsoft® Windows® 2000 Server or Windows Server 2003 domain controller | Provides the platform on which the directory service runs. |

The following illustration shows the relationship between the components of ADAM. For information about the ADAM directory data store, see Understanding ADAM data and data stores.

[Illustration: ADAM architecture]

Directory service

The ADAM directory service manages the directory data store. It responds to directory requests from directory clients, as well as from other directory services. The ADAM directory service runs in the security context of the account that is specified as the ADAM service account. The ADAM directory service provides all of the following functions:

  • Authentication of directory users

  • Fulfillment of data requests

  • Data synchronization between directory servers (through multimaster replication)

  • Data management

Notes

  • ADAM manages replication by grouping ADAM instances into configuration sets. For more information about ADAM replication, see Understanding ADAM replication and configuration sets.

  • The ADAM directory service allows or denies access to clients based on the credentials that the clients provide. ADAM supports all the same authentication, or binding, methods as Active Directory. For more information about authentication and data security, see Understanding ADAM access control.

  • ADAM service account requirements vary, depending on the computer on which ADAM is installed and also on the replication scenario. For more information, see Selecting an ADAM service account.

ADAM instances

In ADAM, a service instance (or, simply, instance) refers to a single running copy of the ADAM directory service. Unlike Active Directory, multiple copies of the ADAM directory service can run simultaneously on the same computer. Each instance of the ADAM directory service has a separate directory data store, a unique service name, and a unique service description that is assigned during installation. For more information about ADAM instances, see Administering an ADAM instance.

Directory service interfaces

ADAM provides directory service interfaces for communication with directory clients and other ADAM instances. ADAM provides a Lightweight Directory Access Protocol (LDAP) interface for clients for authentication and for making directory service requests. ADAM provides a remote procedure call (RPC) interface for replication with other ADAM servers and for administration.

Service dependencies

ADAM does not require the DNS service or the File Replication service (FRS). Clients address ADAM directly, using the name or Internet Protocol (IP) address of the computer on which ADAM is running, along with the communication port number used by the ADAM instance. Because ADAM does not require or rely on domains or domain controllers, ADAM replication does not require FRS.
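
Because several instances can run on one computer, each with its own service name, service account, and port, an inventory of what is actually installed is a useful first step when reviewing a server. The following script is an added example, not part of the original documentation. It assumes that each instance is registered as a Windows service whose image path points to Dsamain.exe and that the instance ports are stored in the "Port LDAP" and "Port SSL" values under the service's Parameters registry key; the function name Get-AdamInstance is hypothetical.

```powershell
# Added example: list the ADAM instances on the local computer together with
# the account each one runs as and the ports it listens on.
# Assumptions: an instance is a Windows service whose image path points to
# Dsamain.exe, and its ports are stored in the "Port LDAP" / "Port SSL"
# registry values under the service's Parameters key.
# Requires Windows PowerShell 2.0 or later.

function Get-AdamInstance {
    # Every service that hosts the ADAM directory service binary.
    $services = Get-WmiObject -Class Win32_Service |
        Where-Object { $_.PathName -match '\\dsamain\.exe' }

    foreach ($svc in $services) {
        $key    = "HKLM:\SYSTEM\CurrentControlSet\Services\$($svc.Name)\Parameters"
        $params = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

        # Classify the security context of the instance so that instances
        # running with more privilege than expected stand out in the report.
        if ($svc.StartName -match '^LocalSystem$') {
            $accountType = 'Local System (review)'
        }
        elseif ($svc.StartName -match '^NT AUTHORITY\\Network ?Service$') {
            $accountType = 'Network Service'
        }
        else {
            $accountType = 'Named account'
        }

        New-Object PSObject -Property @{
            ServiceName    = $svc.Name
            Description    = $svc.Description
            State          = $svc.State
            ServiceAccount = $svc.StartName
            AccountType    = $accountType
            LdapPort       = $params.'Port LDAP'
            SslPort        = $params.'Port SSL'
        }
    }
}

# One row per instance; an empty result means no instance is installed.
Get-AdamInstance |
    Select-Object ServiceName, State, ServiceAccount, AccountType, LdapPort, SslPort, Description |
    Format-Table -AutoSize
```

Run the script from an elevated prompt on the server being reviewed, and compare the reported accounts and ports with the intended service account and firewall configuration for each instance.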