Active Directory Services and DNS

At the Request of some interested readers, especially for Hussain i made this article about Active Directories and DNS.

First let's see what is an Active Directory. On short is the central component of the Microsoft Windows platform. Active Directory service provides the tools to manage the identities and relationships that make up network environments. Is a network-based object store and service that locates and manages resources, and makes these resources available to authorized users and groups. As you know, or you know now, Windows Server 2003 makes Active Directory simpler to manage, easing migration and deployment.

The Deployment is the process whereby software is installed into an operational environment.


The Migration on the other hand helps update servers from let's say Windows NT Server 4.0 to Windows Server Active Directory or migrates(moves) users, groups, computers between domains.


The Active Directory creates and keeps four types of log files on the maintenance and management of transactions. These files are kept in %system/NTDS and include:

1. Transaction log files. The current transaction file is Edb.log, which by default contains information about recent transactions and is limited to 10MB, which is more then enough. When this limit is reached, transaction files are automatically created with the name edbxxxxx.log (where x is a sequential number).

They are stored until the transactions are committed to the Active Directory. Once every 12 hours, old transaction files are purged during a process known as garbage collection. If you do not want previous transaction files created, it is possible to set circular logging, in which the current file is overridden when it is filled. This action is not recommended because you could lose recent transactions.

2. Checkpoint files. The checkpoint is Edb.chk, and it is used to list transactions that have been committed to the Active Directory and those that remain uncommitted. Each time a transaction is committed, it advances to the next entry. If all transactions are not committed at the time of shutdown, the checkpoint file is read when the system is rebooted, and all remaining transactions are then committed to the Active Directory.


3. Reserved log files. The reserved log file can be a number sequence of logs, with a maximum size of 10MB, named res1.log, res2.log, and so on. These logs are used in place of the transaction log when the creation of a new log file is attempted, but insufficient disk space is available. When this occurs, the system will automatically shut down.




4. Patch files.Patch files (with a .pat suffix) are used during the backup-and-restore process of the Active Directory. Database entries are sometimes divided during backup into what is known as split transactions. The patch files are used to record these splits, and "patch" the transaction back together during restoration.



Data Stores and Partitions
To make easier the information storage and replications, the Active Directory uses 3 types of data store for directory partitions, each of which is discretely replicated as a separate unit according to its own schedule. The 3 Active Directory partitions are:

Schema data. Schema information comprises definitions of the objects that are available or can be created within the Active Directory. It also includes the required and optional object attributes.





Configuration data. The logical structure of the domain is reflected in the configuration data. Very used in all domain trees and forests is a plan for replicating all 3 Active Directory partitions between domain controllers. Therefore, this replication topology is stored in the configuration data partition.

Domain data. So, all objects within the tree are stored as domain data. This information relates strictly to the objects within the domain, and is not replicated to other domains. Instead of total replication of all domain object information, a subset is derived for the Global Catalog. In addition to this subset, the Global Catalog server contains the schema and configuration data. It becomes the index for locating data within a domain, or across a tree or forest.


What is a DNS and Particularities
Abbreviation for Domain Name System, or Service, or Server, an Internet service that converts domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is based on IP addresses. Every time you enter a domain name, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.beepme.blogspot.com might translate to 193.105.200.34.

The DNS system consists of three components: DNS data (called resource records), servers (called name servers), and Internet protocols for fetching data from the servers.

The huge numbers of resource records in the DNS are divided into millions of smaller files called zones. These zones are kept on authoritative servers distributed all over the Internet, which answer queries based on the resource records kept in the zones they have copies of. The Caching servers ask other servers for information and cache any replies. The majority of the name servers are authoritative for some zones and perform a caching function for all other DNS information. Large name servers are often authoritative for thousands of zones, but most name servers are authoritative for just a few zones.

The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, until the correct IP address is returned.