You are on page 1of 6


Database File

: Ntds.dit


: Directory Information Tree

Default Path

: \Windows\ntds\ntds.dit

Default size of ntds.dit

:10 MB (win 2000)
12 MB (win 2003)

Ntds.dit file is divided into multiple partitions. They are as follows

a) Schema Partition
b) Configuration Partition
c) Domain partition

d) Application Partition (only in case of windows 2003)
Note: Application Partition is not available in windows 2000


a) Active directory users and computers (or) dsa.msc
b) Active directory domain and trusts
c) Active directory sites and services
d) Active directory schema
Note: Active directory schema is hidden

It contains the object class and attributes. And also contains the source template
for the creation of the domain objects. Throughout the entire forest the same
schema will maintained. Schema admin only has the full control to edit the
schema partition. This schema is created during the root DC. Tool used to edit
this is Active directory schema.

and group objects membership information. active directory sited and services  Domain Partition o Domain admin. By default it is in root DC. authorized DHCP information …. APPLICATION PARTITION Application partition is only available in windows 2003.etc PERMISSIONS   Schema partition o Schema admin has the permission over this partition o Tool used is active directory schema Configuration Partition Enterprise admin has the permission over this partition o Tool used is active directory domain and trusts. Throughout the entire forest the same configuration partition will maintain. Enterprise admin has the full control over this partition. sited and names.It contains the information about the active directory integrated applications like DNS. Each and every domain has its own domain partition because it is entirely different compared to other domain. domains and its names.DOMAIN PARTITION Domain partition contains the entire domain objects like user accounts. CONFIGURATION PARTITION It contains the configuration parameters of the forest like how many trees. Administrator. trust relationship Etc. o Tool used is active directory users and computers . account operator has the permission. passwords. global catalog. Enterprise admin.

ADDITIONAL DOMAIN CONTROLLER . This domain partition is no way related With root domain or other domain partition. deletion. configuration and domain partitions is in R/W mode. They are 1) 2) 3) 4) 5) Schema master Domain Naming master PDC Emulator RID master Infrastructure master FOREST WIDE ROLES a) Schema master b) Domain naming master SCHEMA MASTER a) Responsible for maintaining schema partition in AD database b) Responsible for creation.NOTE: ROOT DC .All the three partitions schema.First two partitions schema and configuration Partition is in R/W mode and third partition is in Read mode. And the newly created domain partition is in R/W mode. CHILD DOMAIN CONTROLLER . modification and extending of entries in schema partition of AD database c) Schema master contains read write copy of schema partition . MANAGING OPERATION MASTERS [FSMO] FLEXIBLE SINGLE MASTER OPERATIONS There are five roles.First two partitions schema and configuration Partition will be in read mode which is replicated from Root DC.

account disabling f) Responsible for group policy templates replication between the domain g) Also responsible for avoiding the group policy template replication conflict . account renaming. password resetinf. By default administrator will be the member DOMAIN NAMING MASTER a) Responsible for creation of trees.0 based BDC’s b) Updates the password to the AD database which originates from the prewindows 2k clients c) Responsible for time synchronization for the entire forest with the help of time server d) Reduces the replication latency of the password changes between clients and DC e) Responsible for urgent replications between the DC’s in the case of account locking/unlocking.d) It is a forest wide role e) Throughout the entire forest only one schema will maintain f) Available only in root DC g) Schema admin will have the control over the schema master h) Tool used is AD schema i) Only the users from the root domain will be the member of schema admin. domains and child domains in the forest b) Responsible for maintaining unique names c) This should be global catalog d) It has the read write copy of configuration partition e) Enterprise admin has the full control f) It is a forest wide role g) For entire forest only one domain naming master will be maintain h) By default root dc is the domain naming master DOMAIN WIDES ROLES a) PDC Emulator b) RID master c) Infrastructure master PDC EMULATOR [Primary Domain Controller] a) It acts as a PDC for NT 4.

log 1) ntds. It uses the transaction log file as the reference.log res2.) AGDLP strategy MANAGING ACTIVE DIRECTORY DATABASE FILES IN “NTDS” FOLDER a) b) c) d) e) ntds.chk edb. RID MASTER [Relative Identification] a) Responsible for assigning RID’s for each every domain objects b) Root RID masters assigns the pool of RID’s to the child RID masters c) Maintains unique ID’s even after moving the objects between the domains d) It Responsible for maintaining the object uniqueness e) It is a domain wide role INFRASTRUCTURE MASTER a) It is a domain wide role b) It is Responsible for interchanging the domain infrastructure information to the other domain (E.dit edb.log res1.g.It is a actual database file.It is responsible for tracking the changes/updates occurred in the Database. Check point file is in terms of KB .h) This is domain wide role i) Each and every domain has the PDC emulator j) Domain admin and administrator rights are enough for this. Size: 10 MB (win 2000) 12 MB (win 2003) 2) edb.chk .dit .

4) res1. We cannot able to access the file only Engine has the permission.log . Once the 10 MB is full it will be rename a Automatically. .3) edb.log - Each and every transactions occurred in the database will be logged.log & res2.For reserving 20 MB free space when the HDD run out of disk space. Minimum and Maximum log file size is 10 MB. It is a extensive database transaction log file.