Updated: November 25, 2009
Applies To: Windows Server 2008 R2
The directory service is a database with multiple data partitions, as well as the processes to maintain, manage, and secure the database. Domain controllers host and replicate the directory service database inside the forest. The directory service also provides services for managing and authenticating resources in the forest.
The following is a list of the managed entities that are included in this managed entity:
Lightweight Directory Access Protocol (LDAP) is the standard protocol that directory clients use to gain access to data that is held by directory servers. LDAP supports a relatively simple set of operations, such as bind, unbind, read, and modify. LDAP is the primary interface to Active Directory Domain Services (AD DS), and it is responsible for packaging and interpreting LDAP packets over the network.
Active Directory data is replicated as a database that is separated into several partitions. These partitions represent the major object categories that organize, manage, and secure domain resources. Administrators and services can define custom data partitions. For example, Domain Name System (DNS) data partitions are created when DNS information is integrated with Active Directory Domain Services (AD DS). The partitions that are created by default include the following:
The database itself consists of the Ntds.dit file and its related logs, which are stored in the NTDS folder on each domain controller by default. The folder location where the database is stored can be changed.
Another essential component of AD DS is the SYSVOL shared folder on each domain controller. The SYSVOL shared folder provides a location to which domain controllers replicate AD DS data to each other.