- Physical
  - Data Store - the AD DS data store contains the DB files and processes that store and manage directory information for users, services, and applications
    - consists of the NTDS.dit file
    - is stored by default in the %SystemRoot%\NTDS folder on all domain controllers
    - is accessible only through the domain controller processes and protocols
  - Domain controllers - a domain controller (DC) is a server with the AD DS server role installed
    - host a copy of the AD DS directory store
    - provide authentication and authorization services
    - replicate updates to other DCs in the domain and forest
    - allow administrative access to manage user accounts and network resources
  - Global catalog server
  - Read-Only Domain Controller (RODC)
- Logical
  - Partitions
  - Schema - defines every type of object that can be stored in the directory; enforces rules regarding object creation and configuration
    - Class object - User/Computer
    - Attribute object - Display name
  - Domains - used to group and manage objects in an organization
  - Domain trees - hierarchy of domains in AD DS
    - contoso.com --> emea.contoso.com
                  --> na.contoso.com
  - Forests - collection of domain trees
  - Sites
  - Organizational Units (OUs) - AD containers that can contain users, groups, computers, and other OUs
  - Trusts - Directional/Transitive
  - Objects
    - User
    - InetOrgPerson
    - Contacts
    - Groups
    - Computers
    - Printers
    - Shared folders