Windows 2000 Active Directory replaced Windows NT 4.0 Security Account Manager Database, providing not only increased functionality and scalability, but also enhanced security through more-granular levels of permissions, sophisticated encryption, and two-way, resilient authentication protocol (with Kerberos). With the Windows 2003 platform, Microsoft takes full advantage of these features by allowing more flexibility in the way Active Directory information is partitioned and replicated.
Starting with Windows 2000, Active Directory has been divided into three "logical" partitions (physically residing in the NTDS.DIT file on each domain controller) -- domain, configuration, and schema. The domain partitions store information specific to each domain (accessible primarily via Active Directory users and computers) and shared among all domain controllers in the same domain (partially replicated to all Global Catalogs in the forest).
The configuration partition contains forest-wide......
Join Now or Login to view the rest of this paper.
Approximate Word Count: 701
Approximate Pages: 3 (260 words per double-spaced page) |