What is in the .DIT DATABASE?

What is inside the .DIT database is one of the most asked questions these days in the interviews we are currently conducting at work. Understanding the .DIT database is one of the most important skills when it comes to Active Directory. Below is a description of the partitions and what they do. If you want to see these partitions, you will need to use ADSIEdit.msc, which comes with the support tools for the Windows 2X server family.

Domain Partition

(Resident directory object)

This partition is called RDO and stores the objects below:

  • User
  • Groups
  • Computer accounts
  • Organizational Units
  • All things you can see from ADUC.msc

All of these resident directory objects live in this partition. DNS zone data can also be found here, under CN=System, CN=MicrosoftDNS.

Schema Partition

The definition of an object is called the schema. All domain controllers must agree on the definition of an object, so this definition is replicated to all other domain controllers in the Active Directory forest. That way every domain controller agrees about the schema.

Configuration Partition

It contains information about all other domain controllers. It lets every domain controller know that the other domain controllers exist, where they are, what their names are, and so on. It also stores information about services, including Microsoft Exchange:

  • CN=Services
  • CN=Microsoft Exchange

Application Partition (Windows 2003 .DIT only)

DNS zone data is stored in the application partition, so this information won't get replicated to DCs that are not DNS servers. This was not the case in Windows 2000 Active Directory, where DNS data was part of the domain partition and was therefore replicated to domain controllers that were not DNS servers. Microsoft fixed this issue by creating the application partition in the Windows 2003 .DIT database.
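To make the partition boundaries concrete, here is an added example (not from the original post) that works out which partition holds a given object DN, using the naming contexts a domain controller advertises in its RootDSE. The forest name corp.example and all DNs are constructed samples; DomainDnsZones and ForestDnsZones are the default DNS application partitions, and a single-domain forest is assumed.

```python
# Constructed RootDSE values for a hypothetical single-domain forest.
ROOT_DSE = {
    "defaultNamingContext": "DC=corp,DC=example",
    "configurationNamingContext": "CN=Configuration,DC=corp,DC=example",
    "schemaNamingContext": "CN=Schema,CN=Configuration,DC=corp,DC=example",
    "namingContexts": [
        "DC=corp,DC=example",
        "CN=Configuration,DC=corp,DC=example",
        "CN=Schema,CN=Configuration,DC=corp,DC=example",
        "DC=DomainDnsZones,DC=corp,DC=example",
        "DC=ForestDnsZones,DC=corp,DC=example",
    ],
}

def _rdns(dn):
    # Naive split: fine for these samples, does not handle escaped commas.
    return [part.strip().lower() for part in dn.split(",")]

def partition_kind(nc, root_dse=ROOT_DSE):
    """Label a naming context using the RootDSE pointer attributes."""
    key = _rdns(nc)
    for attr, kind in (("schemaNamingContext", "schema"),
                       ("configurationNamingContext", "configuration"),
                       ("defaultNamingContext", "domain")):
        if _rdns(root_dse[attr]) == key:
            return kind
    # Assumption: anything else on a single-domain DC is an application partition.
    return "application"

def locate(object_dn, root_dse=ROOT_DSE):
    """Return (partition kind, naming context) for the partition holding object_dn."""
    obj = _rdns(object_dn)
    best = None
    for nc in root_dse["namingContexts"]:
        suffix = _rdns(nc)
        # Longest matching suffix wins: Schema sits under Configuration,
        # which sits under the forest root domain DN.
        if obj[-len(suffix):] == suffix:
            if best is None or len(suffix) > len(_rdns(best)):
                best = nc
    if best is None:
        raise ValueError("DN is not in any partition hosted by this DC")
    return partition_kind(best, root_dse), best
```

A zone object under CN=MicrosoftDNS,CN=System resolves to the domain partition (the Windows 2000 layout), while the same zone under DC=DomainDnsZones resolves to an application partition.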

