Active Directory : Behind the Directory

Hi friends, as you know, Active Directory is the main database for centralized administration of an enterprise environment. I want to share something with you about this extraordinary directory service.

  • Active Directory is installed on a standalone Windows Server 2000/2003/2008 operating system when we run the dcpromo command. It is an integrated module that stays hidden until we run dcpromo.

  • Active Directory stores almost all information about an enterprise, including user accounts, computer accounts, user groups, group policies, shared folders, network printers, etc. All this information is stored in the Active Directory database. The files associated with the Active Directory database are located under C:\Windows\NTDS and are as follows:

    Active Directory Files


    ntds.dit

    This is the main file for Active Directory. All the AD information is stored in this file.


    edb.log

    When a change is made to the AD database, the information is first written to this file and then written to ntds.dit. AD performance depends on how fast updates are transferred from edb.log to ntds.dit.

    res1.log & res2.log

    The initial size of these files is 10MB each. They are used as reserved space for AD updates: in case of low disk space, these files are used to save the AD updates.


    edb.chk

    The checkpoint file (edb.chk) records transactions committed to the AD database (ntds.dit) during shutdown. A "shutdown" statement is written to the edb.chk file when we shut down the AD server. Then, during a reboot, AD determines that all transactions in the edb.log file have been committed to the AD database. If, for some reason, the edb.chk file doesn't exist on reboot or the shutdown statement isn't present, AD will use the edb.log file to update the AD database.

    temp.edb

    This is a scratch pad used to store information about in-progress transactions and to hold pages pulled out of ntds.dit during compaction.

         The file extension .DIT stands for Directory Information Tree.

         The file extension .CHK stands for Check Point file.

  • If DNS is Active Directory-integrated, its data is also stored in the AD database.

  • Using the System State option in NTBACKUP, we can take a backup of Active Directory.

  • When we promote a secondary domain controller, all the data from these files is replicated to its database.

  • Active Directory uses Kerberos Authentication.

  • LDAP (Lightweight Directory Access Protocol) is the protocol used to query network directories like Active Directory. It uses TCP port 389 to query AD.

  • In Windows 2008, Active Directory comes as a service, to avoid reboot dependency.

  • AD Users and Computers, AD Sites and Services, and AD Domains and Trusts are the three GUI consoles used to maintain the AD database.
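The edb.log, ntds.dit and edb.chk behaviour described in the file list above, as a simplified model. This is an added example, not code from the original post and not how the AD database engine is implemented internally; the class, its method names and the sample records are hypothetical.

```python
# Simplified model of the write path described in the post; this is NOT the
# real on-disk format. All class and method names are hypothetical.

class DirectoryStore:
    def __init__(self):
        self.log = []            # stands in for edb.log: (seq, key, value)
        self.database = {}       # stands in for ntds.dit
        self.checkpoint = None   # stands in for edb.chk

    def write(self, key, value):
        """A change goes to the log first, not straight to the database."""
        seq = self.log[-1][0] + 1 if self.log else 1
        self.log.append((seq, key, value))

    def flush(self):
        """Transfer logged updates to the database and move the checkpoint."""
        done = self.checkpoint["committed"] if self.checkpoint else 0
        for seq, key, value in self.log:
            if seq > done:
                self.database[key] = value
                done = seq
        self.checkpoint = {"committed": done, "shutdown": False}

    def shutdown(self):
        """Clean shutdown: commit everything, then write the shutdown statement."""
        self.flush()
        self.checkpoint["shutdown"] = True

    def boot(self):
        """Decide on reboot whether the log has to be replayed."""
        last = self.log[-1][0] if self.log else 0
        chk = self.checkpoint
        if chk and chk["shutdown"] and chk["committed"] == last:
            chk["shutdown"] = False          # server is running again
            return "clean"
        # Checkpoint missing or no shutdown statement: update from the log.
        for _, key, value in self.log:
            self.database[key] = value
        self.checkpoint = {"committed": last, "shutdown": False}
        return "replayed"

def demo():
    store = DirectoryStore()
    store.write("cn=alice", "title=Engineer")    # constructed sample records
    store.shutdown()
    first = store.boot()
    store.write("cn=bob", "title=Analyst")       # power loss before any flush
    second = store.boot()
    return first, second, store.database
```

Calling `demo()` returns `"clean"` for the boot after a proper shutdown and `"replayed"` for the boot after the simulated power loss, with both records present in the database afterwards.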


  1. Hello Sir,
    Can you please provide any notes for CEH?

  2. Hi Sir,
    Can you provide SAN installations and configurations?

  3. I have never seen such wonderful blogs in my career. Surely I will refer your blogs to my colleagues and friends, whoever is looking for a job or has doubts in their working careers.

    Awesome!!!! It's my request: please keep on updating with all new technologies like VMware, cloud technologies, etc.

