Active Directory - Complete Reference
Active Directory is a repository that records information about every resource on the network (users, groups, computers, domain controllers and so on) and makes that information available to the users and applications that are authorised to see it.
A directory service exists to provide a single, centralized repository of information that securely manages a company's resources. Active Directory is Microsoft's directory service; it was released with Windows 2000 Server, and Windows Server 2003 extended its functionality and improved its administration.
Before looking at the Active Directory service itself, it helps to know the limitations of the previous version, Windows NT 4.0, because they explain why the feature was introduced.
Limits in Windows NT
* NT domains are flat entities: multiple domains in an organisation cannot be arranged into a hierarchical structure.
* Administration of multiple domains quickly becomes complicated and management-intensive, because NT trusts are one-way and non-transitive, so every pair of domains that must cooperate needs its own trust.
* NT suits small to medium businesses only: a single domain's SAM database scales to a few tens of thousands of accounts.
Why Active Directory:
* A significant improvement over the Windows NT 4.0 domain model.
* An object-oriented storage organisation that allows easier access to information.
* A centralized administration mechanism.
* Redundancy and fault tolerance when two or more domain controllers are deployed within a domain; every domain controller holds a writable replica, so there is no single primary domain controller whose loss stops the domain.
* A single point of access for managing user accounts, clients, servers, applications, domain controllers and trusts, and for monitoring replication and errors.
Directory Service
The term 'directory service' describes a service that collects information about specific resources and makes it available to people on request. For example, when you want to find a hospital in the city, you call the directory service provider and query by hospital name, specialty or area. Here the hospital is the object, and the properties of the object are its address, phone number, fax number and email address. Because all the hospital information is stored in the directory, you can find a hospital by name, address or phone number very quickly.
Directory Service in Windows
In the same way, people on a network need to find a specific user, group or computer anywhere in the organisation. A directory stores all the resources in one place, and protocols (LDAP, in the case of Active Directory) make them available to every user. Windows NT Server came with a domain model that had no hierarchical structure: NT domains are flat entities, which pushes the whole organisation toward decentralized administration. Windows 2000 therefore introduced centralized administration through a directory service that stores every object in the network, returns it when queried, and securely manages the objects it holds.
Requirements (for promoting a server to a domain controller with dcpromo):
* An NTFS partition to hold the database and SYSVOL
* The local Administrator's username and password
* A supported operating system version (Windows 2000 Server or Windows Server 2003)
* A network interface card
* Configured TCP/IP (a static IP address, subnet mask and, optionally, a default gateway)
* A network connection (crossover cable, hub or switch)
* A DNS server that supports SRV records, because clients and other domain controllers locate the new domain controller through DNS
* A domain name
* The Windows 2000 or Windows Server 2003 CD media
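The checklist above can be verified before the promotion wizard is started. The following PowerShell script is an added example, not code from the original page: it checks the NTFS, operating-system, TCP/IP, DNS and administrator-rights items. It assumes a host with the NetTCPIP and DnsClient modules (Windows Server 2012 or later, so it will not run on a 2000/2003 host as written), and the domain name corp.example.com is a placeholder assumption; when you are building the first domain controller of a new forest, pass -NewForest so the SRV lookup against an existing domain is skipped.

```powershell
# Added example (not from the original page): pre-flight checks before promoting
# a server to a domain controller. Assumes Windows Server 2012+ cmdlets; the
# domain name is a placeholder assumption.
param(
    [string]$DomainName = 'corp.example.com',   # assumed placeholder
    [switch]$NewForest                          # first DC of a new forest: no existing DC to find
)

$failures = @()

# 1. NTFS partition: the system volume holds ntds.dit and SYSVOL by default.
$sysDrive = $env:SystemDrive
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$sysDrive'"
if ($disk.FileSystem -ne 'NTFS') {
    $failures += "System volume $sysDrive is $($disk.FileSystem), not NTFS"
}

# 2. Operating system: must be a server SKU (ProductType 1 = workstation,
#    2 = domain controller, 3 = member server).
$os = Get-CimInstance Win32_OperatingSystem
if ($os.ProductType -ne 2 -and $os.ProductType -ne 3) {
    $failures += "$($os.Caption) is not a server edition"
}

# 3. Configured TCP/IP: a static IPv4 address and a DNS server on a connected adapter.
$ipcfg = Get-NetIPConfiguration | Where-Object { $_.IPv4Address -and $_.NetAdapter.Status -eq 'Up' }
if (-not $ipcfg) {
    $failures += 'No connected adapter with an IPv4 address'
} else {
    foreach ($cfg in $ipcfg) {
        $addr = $cfg.IPv4Address | Select-Object -First 1
        if ($addr.PrefixOrigin -eq 'Dhcp') {
            $failures += "Adapter $($cfg.InterfaceAlias) uses DHCP; a domain controller needs a static address"
        }
        if (-not $cfg.DNSServer.ServerAddresses) {
            $failures += "Adapter $($cfg.InterfaceAlias) has no DNS server configured"
        }
    }
}

# 4. DNS: the domain's LDAP SRV record must resolve, otherwise the new DC cannot
#    locate an existing DC to replicate from. Skipped for a brand-new forest.
if (-not $NewForest) {
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop
        if (-not $srv) { $failures += "No SRV records returned for $srvName" }
    } catch {
        $failures += "DNS lookup for $srvName failed: $($_.Exception.Message)"
    }
}

# 5. Administrator rights: the promotion must run from an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    $failures += 'Current session is not elevated'
}

if ($failures) {
    Write-Host 'Pre-flight FAILED:' -ForegroundColor Red
    $failures | ForEach-Object { Write-Host "  - $_" }
    exit 1
}
Write-Host "All pre-flight checks passed for $DomainName" -ForegroundColor Green
```

Run it as .\Preflight.ps1 -DomainName corp.example.com (or with -NewForest) from an elevated prompt; a non-zero exit code means at least one requirement from the list is missing, and each failure line names which one.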
Log Files
Changes are written to transaction log files before they are committed to the ntds.dit database file. Three log files are created, each 10 MB initially:
Edb.log - the current transaction log
Res1.log - a reserve log, kept so the engine can still write pending transactions and shut down cleanly if the disk fills
Res2.log - the second reserve log
Alongside them, edb.chk (the checkpoint file) records which log entries have already been committed to the database; on Windows Server 2008 and later the reserve logs are named edbres00001.jrs and edbres00002.jrs instead.
SysVol
The SYSVOL folder contains the public information of the domain, which is replicated to every domain controller: logon scripts and the file-system part of Group Policy objects (the Group Policy templates). Every authenticated user can read SYSVOL, so nothing placed in it, scripts included, should contain credentials.
Lost & Found Folder
The LostAndFound container holds objects that were orphaned by a replication conflict. For example, you create a user in an OU on one domain controller while the same OU is deleted on another; when replication runs, the directory cannot find the OU, so it places the user object in LostAndFound and records the deleted OU in the object's lastKnownParent attribute. Anything found there should be moved to a proper OU or deleted, because an orphaned account is still a valid logon.
Garbage Collection:
Garbage collection is the housekeeping process that runs on every domain controller, by default every 12 hours. It deletes tombstones (the markers left behind for deleted objects) that are older than the tombstone lifetime (60 days by default, 180 days for forests created on Windows Server 2003 SP1 or later), frees the space they used, and then performs an online defragmentation of the database. Online defragmentation reorganises pages inside ntds.dit but does not shrink the file; only an offline defragmentation with ntdsutil, run while the directory service is stopped, returns space to the file system.
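The two sections above, LostAndFound and garbage collection, can both be inspected from the same read-only session. The script below is an added example and not code from the original page. It assumes the ActiveDirectory PowerShell module (RSAT) on a domain-joined machine with ordinary read access to the domain and configuration partitions; it writes nothing to the directory. The settings it reads live on the Directory Service object in the configuration partition, and when they are absent the built-in defaults apply.

```powershell
# Added example (not from the original page): list objects orphaned into
# LostAndFound and report the garbage-collection settings of the forest.
# Assumes the ActiveDirectory module and read access to the directory.
Import-Module ActiveDirectory

$rootDse  = Get-ADRootDSE
$domainDn = $rootDse.defaultNamingContext
$configDn = $rootDse.configurationNamingContext

# 1. Objects parked in LostAndFound after a replication conflict.
#    lastKnownParent records the container that was deleted on the other DC.
$lostAndFound = "CN=LostAndFound,$domainDn"
$orphans = Get-ADObject -SearchBase $lostAndFound -SearchScope OneLevel -Filter * `
           -Properties lastKnownParent, whenChanged
if ($orphans) {
    $orphans | ForEach-Object {
        [pscustomobject]@{
            Name            = $_.Name
            Class           = $_.ObjectClass
            LastKnownParent = $_.lastKnownParent
            WhenChanged     = $_.whenChanged
        }
    } | Format-Table -AutoSize
} else {
    Write-Host "LostAndFound in $domainDn is empty"
}

# 2. Garbage-collection settings. Unset attributes mean the defaults apply:
#    garbageCollPeriod 12 hours; tombstoneLifetime 60 days unless the forest
#    was created on Windows Server 2003 SP1 or later (then it is set to 180).
$dsObject = Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,$configDn" `
            -Properties garbageCollPeriod, tombstoneLifetime
$gcHours       = if ($dsObject.garbageCollPeriod) { $dsObject.garbageCollPeriod } else { 12 }
$tombstoneDays = if ($dsObject.tombstoneLifetime) { $dsObject.tombstoneLifetime } else { 60 }
Write-Host "Garbage collection runs every $gcHours hours; tombstones older than $tombstoneDays days are purged"

# 3. Practical consequence: a system-state backup older than the tombstone
#    lifetime must not be restored, because the restored DC would reintroduce
#    objects every other DC has already purged (lingering objects).
$oldestUsableBackup = (Get-Date).AddDays(-$tombstoneDays)
Write-Host "Do not restore domain controller backups taken before $($oldestUsableBackup.ToShortDateString())"
```

If the LostAndFound listing shows user or computer objects, check lastKnownParent to find which OU was deleted and move or remove the object deliberately; leaving it in place keeps the account usable while it sits outside any OU-linked Group Policy.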
Active Directory Storage Location
The Active Directory database is stored in one file called ntds.dit; the extension .dit stands for Directory Information Tree. By default the file is located in %systemroot%\NTDS\ (C:\WINNT\NTDS on Windows 2000, C:\WINDOWS\NTDS on Windows Server 2003), but the path can be changed during promotion, and the actual location is recorded in the registry under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters. The ESE database format allows the file to grow to 16 TB, with Microsoft quoting roughly 2 billion objects per domain controller. Because ntds.dit contains the password hashes of every account in the domain, access to the file, its transaction logs and any backup of it must be restricted to domain administrators.
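Rather than assuming the default path, a domain controller's database and log locations (the ntds.dit file and the log files described in the Log Files section above) can be read from the NTDS service parameters. The script below is an added example, not code from the original page; it assumes it is run in an elevated session on a domain controller, and the list of principals it treats as expected on the NTDS folder (SYSTEM, Administrators, CREATOR OWNER) is an assumed baseline that you should adjust to your own.

```powershell
# Added example (not from the original page): locate ntds.dit and its logs
# from the registry, confirm they are on NTFS, and review who can reach them.
# Assumes an elevated session on a domain controller.
$params = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

$dbFile  = $params.'DSA Database file'          # e.g. C:\Windows\NTDS\ntds.dit
$logDir  = $params.'Database log files path'    # edb.log, reserve logs, edb.chk
$workDir = $params.'DSA Working Directory'

Write-Host "Database : $dbFile"
Write-Host "Logs     : $logDir"
Write-Host "Working  : $workDir"

# Both locations must sit on NTFS: ESE depends on it, and the NTFS ACL is the
# only thing between a local user and the password hashes inside ntds.dit.
foreach ($path in @($dbFile, $logDir)) {
    $drive = [System.IO.Path]::GetPathRoot($path).TrimEnd('\')
    $fs = (Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$drive'").FileSystem
    if ($fs -ne 'NTFS') { Write-Warning "$path is on a $fs volume, not NTFS" }
}

# Sizes of the database, transaction logs, reserve logs and checkpoint file.
# Each transaction log is a fixed 10 MB; the reserve logs exist only so the
# engine can flush cleanly when the disk fills.
Get-ChildItem -Path (Split-Path $dbFile), $logDir -File |
    Where-Object { $_.Extension -in '.dit', '.log', '.jrs', '.chk' } |
    Select-Object FullName, @{ n = 'MB'; e = { [math]::Round($_.Length / 1MB, 1) } }, LastWriteTime |
    Sort-Object FullName -Unique |
    Format-Table -AutoSize

# Who can read the database folder? Anything beyond the assumed baseline below
# is a finding to investigate; adjust the pattern to your own documented ACL.
$dbDir = Split-Path $dbFile
$acl = Get-Acl -Path $dbDir
$acl.Access | Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
    Format-Table -AutoSize
$baseline = 'NT AUTHORITY\\SYSTEM|BUILTIN\\Administrators|CREATOR OWNER'   # assumed baseline
$unexpected = $acl.Access | Where-Object { $_.IdentityReference -notmatch $baseline }
if ($unexpected) {
    Write-Warning "Unexpected principals on ${dbDir}: $($unexpected.IdentityReference -join ', ')"
} else {
    Write-Host "ACL on $dbDir matches the assumed baseline"
}
```

The same three registry values are what ntdsutil and backup software use, so checking them is also the quickest way to confirm that a moved database (ntdsutil "files" / "move db to") really took effect.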
Active Directory Schema
The Active Directory schema defines the objects that can be stored in Active Directory. It is a set of definitions that determines which kinds of objects, and which attributes of those objects, the directory can hold. Because the schema definitions are themselves stored as objects (classSchema and attributeSchema objects in the schema partition), they can be administered in the same way as the rest of the objects in Active Directory; for this reason the schema is often described as metadata, data about the data the directory stores. Schema changes are forest-wide and, apart from marking a definition defunct, cannot be undone, so only members of the Schema Admins group are allowed to make them.
Structure of AD
1) Physical structure: sites, domain controllers
2) Logical structure: forest, tree, domain, OU
Active directory database engine
ESE (Extensible Storage Engine)
Active Directory Partitions
i)Schema partition
ii) Configuration Partition
iii) Domain Partition
Windows Server 2003 adds a fourth kind of partition:
iv) Application partition (for example the ForestDnsZones and DomainDnsZones partitions that hold Active Directory-integrated DNS zones; its replication scope is chosen by the administrator rather than tied to a domain)
Tables available in the NTDS database
i) Schema table
ii) Link table (stores linked attributes such as group membership)
iii) Data table (every object and its attribute values)
iv) Security descriptor table (sd_table, added in Windows Server 2003 so that identical security descriptors are stored once and referenced from the data table)
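The partitions listed above, and the schema section earlier on this page, can both be explored through the RootDSE object that every domain controller publishes. The script below is an added example and not code from the original page. It assumes the ActiveDirectory module and a domain-joined session with ordinary read access; it performs no writes. It maps each naming context the domain controller holds to one of the four partition kinds, then reads schema definitions as ordinary objects: the inheritance chain of the user class with its required attributes and default security descriptor, and the attributes whose searchFlags carry the confidential bit (0x80), which hides them from principals that hold only generic Read on an object.

```powershell
# Added example (not from the original page): list the partitions a domain
# controller hosts, then read class and attribute definitions from the schema
# partition. Assumes the ActiveDirectory module and read access to the forest.
Import-Module ActiveDirectory

$root = Get-ADRootDSE

# 1. Every partition this DC holds a replica of. The three named contexts are
#    the schema, configuration and domain partitions; anything else is an
#    application partition (ForestDnsZones, DomainDnsZones, custom ones).
$known = @{}
$known[$root.schemaNamingContext]        = 'Schema partition'
$known[$root.configurationNamingContext] = 'Configuration partition'
$known[$root.defaultNamingContext]       = 'Domain partition'

$root.namingContexts | ForEach-Object {
    $kind = if ($known.ContainsKey($_)) { $known[$_] } else { 'Application partition' }
    [pscustomobject]@{ Partition = $kind; DistinguishedName = $_ }
} | Format-Table -AutoSize

# 2. Schema definitions are objects: walk the user class up its inheritance
#    chain (user -> organizationalPerson -> person -> top) and show what each
#    level requires. top's subClassOf is itself, which ends the loop.
$schema = $root.schemaNamingContext
$class  = 'user'
$userSddl = $null
while ($class) {
    $def = Get-ADObject -SearchBase $schema `
           -Filter "objectClass -eq 'classSchema' -and lDAPDisplayName -eq '$class'" `
           -Properties subClassOf, systemMustContain, mustContain, defaultSecurityDescriptor
    $required = @($def.systemMustContain) + @($def.mustContain)
    Write-Host ("{0,-22} requires: {1}" -f $class, ($required -join ', '))
    if ($class -eq 'user') { $userSddl = $def.defaultSecurityDescriptor }
    $class = if ($def.subClassOf -ne $class) { $def.subClassOf } else { $null }
}

# The default security descriptor (SDDL) is stamped on every new object of the
# class unless the creator supplies one; it is where default user ACLs come from.
Write-Host "Default SDDL for new user objects:`n$userSddl"

# 3. Attributes flagged confidential (searchFlags bit 0x80). Reading them needs
#    CONTROL_ACCESS on the object, not just generic Read.
Get-ADObject -SearchBase $schema -Filter "objectClass -eq 'attributeSchema'" -Properties searchFlags |
    Where-Object { ($_.searchFlags -band 0x80) -ne 0 } |
    Select-Object Name, searchFlags |
    Sort-Object Name |
    Format-Table -AutoSize
```

In a freshly built forest the confidential list is short, and unicodePwd does not appear on it because password attributes are never readable over LDAP regardless of searchFlags; anything an organisation adds to the list (for example a custom attribute holding licence keys) should show up here, so the output doubles as a check that the confidentiality bit was actually set.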