Active Directory Partitions

This video has been taken offline due to a technical error.

The AD database is divided into partitions for replication and administration. This video looks at the different partition types and how the partition type affects replication. It will give you a deeper understanding of Active Directory, allowing you to support it better.





Download the pdf handout for this video from http://ITFreeTraining.com/Handouts/70-640/Part2/Active_Directory_Partitions.pdf

Partitions
Each Domain Controller has a copy of the Active Directory database stored in a file called NTDS.DIT. The data in this file is divided into partitions. The partition type determines how the data is replicated throughout the forest. For example, the domain partition is only replicated to Domain Controllers in that domain, while the Global Catalog partition is replicated to all Domain Controllers in the forest.

Domain Partition
This partition is replicated only to Domain Controllers in that domain. Active Directory Users and Computers obtains its data from this partition. All Domain Controllers in that domain replicate changes to each other regardless of whether the Domain Controller is a global catalog server.

Global Catalog Partition
This partition is also referred to as the Partial Attribute Set (PAS) in some documents. The partition contains a partial replica of all objects in the domain. It is replicated to all Global Catalog Servers in the forest.

The Global Catalog Partition is created automatically by software on the Domain Controller. This software copies some of the attributes of each object into the Global Catalog Partition. This information is replicated to other Domain Controllers inside and outside the domain. This is how, given enough time, all Global Catalog servers will have a partial replica of all objects in the domain.

Schema Partition
The schema partition defines what can be stored in the Active Directory database. It essentially defines the layout of the database. The schema partition is replicated to all Domain Controllers in the forest and defines the Active Directory database for all Domain Controllers in the domain.

Configuration Partition
This partition contains configuration information for the whole forest. For example, it contains information about the sites in the forest and the partitions defined in the Active Directory database. This partition is replicated to all Domain Controllers in the forest.

Application Partition
An application partition is created by an application to store its data. It differs from every other partition type in that the application can choose which Domain Controller or Controllers store the data. The advantage for the application is that its data gets the same replication and fault tolerance used by the Domain Controllers. An example is Active Directory integrated DNS zones. When this zone type is used, the data is stored in an application partition.
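
The partition types described above can be listed from a domain-joined host. The following PowerShell is an added example, not part of the original page. It assumes the ActiveDirectory module (RSAT) is installed, and it relies on the crossRef objects under CN=Partitions and their systemFlags bits, which the text above does not cover.

```powershell
# Added example. Assumes the ActiveDirectory module (RSAT) and a domain-joined host.
Import-Module ActiveDirectory

$rootDse  = Get-ADRootDSE
$configNC = $rootDse.configurationNamingContext

# Partitions the Domain Controller identifies by role in its RootDSE.
$known = @{}
$known[$rootDse.defaultNamingContext] = 'Domain'
$known[$rootDse.schemaNamingContext]  = 'Schema'
$known[$configNC]                     = 'Configuration'

# Replication scope of each partition type, as described in the text above.
$scope = @{
    'Domain'        = 'Domain Controllers in that domain'
    'Schema'        = 'All Domain Controllers in the forest'
    'Configuration' = 'All Domain Controllers in the forest'
    'Application'   = 'Domain Controllers chosen by the application'
    'External'      = 'Not held in this forest'
}

# Every partition in the forest is described by a crossRef object stored under
# CN=Partitions in the configuration partition.
$crossRefs = Get-ADObject -SearchBase "CN=Partitions,$configNC" `
    -LDAPFilter '(objectClass=crossRef)' `
    -Properties nCName, systemFlags, 'msDS-NC-Replica-Locations'

$report = foreach ($cr in $crossRefs) {
    $nc    = [string]$cr.nCName
    $flags = [int]$cr.systemFlags
    # crossRef systemFlags: 0x1 = partition held in this forest, 0x2 = domain partition.
    $type = if ($known.ContainsKey($nc)) {
        $known[$nc]
    } elseif ($flags -band 0x2) {
        'Domain'            # another domain in the same forest
    } elseif ($flags -band 0x1) {
        'Application'
    } else {
        'External'
    }
    [pscustomobject]@{
        Partition    = $nc
        Type         = $type
        ReplicatesTo = $scope[$type]
        # Populated for application partitions: the DCs chosen to hold a replica.
        ReplicaDCs   = @($cr.'msDS-NC-Replica-Locations' | Where-Object { $_ }).Count
    }
}
$report | Sort-Object Type, Partition | Format-Table -AutoSize -Wrap

# Global Catalog servers, which hold the Partial Attribute Set.
(Get-ADForest).GlobalCatalogs
```

The script only reads directory data. An application partition that appears here with no known owner is worth reviewing, since it replicates along with the rest of the directory.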

Demonstration
ADSI Edit is a low-level tool that can be used to modify data in the Active Directory database. It is recommended that you use the built-in tools like Active Directory Users and Computers to modify data in the Active Directory database. Low-level tools such as ADSI Edit should only be used in rare troubleshooting scenarios in which the regular tools are not working as expected.

To install the schema snap-in, run the following command: regsvr32 schmmgmt.dll
Once installed, the schema snap-in can be accessed by using mmc.
