Application partitions store information about applications in Active Directory. Each application determines how it stores, categorizes, and uses application-specific information. To prevent unnecessary replication of specific application partitions, you can designate which domain controllers in a forest host them. Unlike a domain partition, an application partition cannot store security principal objects, such as user accounts. In addition, the data in an application partition is not stored in the global catalog.
As an example of an application partition, if you use a Domain Name System (DNS) that is integrated with Active Directory, you have two application partitions for DNS zones -- ForestDNSZones and DomainDNSZones.
Each domain has a DomainDNSZones partition, but there is only one ForestDNSZones partition. No DNS data is replicated to the global catalog server.
1. Schema partition
2. Configuration partition
3. Domain partition
4. Application partition
An application directory partition is a partition space in Active Directory that an application can use to store its application-specific data. This partition is then replicated only to some specific domain controllers. The application directory partition can contain any type of data except security principals (users, computers, groups).
Two DNS application directory partitions below the forest root domain are automatically created by the DNS Server service when the computer restarts after the Active Directory Installation Wizard has finished. One application directory partition is created for the forest, ForestDnsZones, and one for the domain, DomainDnsZones. You can use the DNS administrative tool or the dnscmd.exe command-line tool, located in the \Support\Tools directory on the Windows Server 2003 product CD, to use these application directory partitions for DNS zone storage. If you are installing an additional domain controller in an existing forest, the domain controller holding the domain naming operations master role must be online, available, and running Windows Server 2003 for these application directory partitions to be created. If the domain naming master is unavailable or is running Windows 2000, the DNS Server service will attempt to create the application directory partitions again at a later time.
An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition. Applications and services can use application directory partitions to store application-specific data. Application directory partitions can contain any type of object, except security principals. TAPI is an example of a service that stores its application-specific data in an application directory partition. Application directory partitions are usually created by the applications that will use them to store and replicate data. For testing and troubleshooting purposes, members of the Enterprise Admins group can manually create or manage application directory partitions using the Ntdsutil command-line tool. One of the benefits of an application directory partition is that, for redundancy, availability, or fault tolerance, the data in it can be replicated to different domain controllers in a forest. The data can be replicated to a specific domain controller or any set of domain controllers anywhere in the forest. This differs from a domain directory partition in which data is replicated to all domain controllers in that domain. Storing application data in an application directory partition instead of in a domain directory partition may reduce replication traffic because the application data is only replicated to specific domain controllers. Some applications may use application directory partitions to replicate data only to servers where the data will be locally useful.
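As an added illustration (not part of the original page), the sketch below checks which domain controllers host replicas of application partitions. It assumes an LDIF-style export of the crossRef objects under CN=Partitions in the configuration partition; the forest example.test, the host names and the approved set are constructed, and the parser handles only simple, unfolded LDIF.

```python
import re

# crossRef systemFlags bits as documented for Active Directory
FLAG_CR_NTDS_NC = 0x1                 # partition is held in this forest
FLAG_CR_NTDS_DOMAIN = 0x2             # partition is a domain partition
FLAG_CR_NTDS_NOT_GC_REPLICATED = 0x4  # partition is not replicated to the GC

# Constructed sample: crossRef records for a made-up forest, example.test
SAMPLE_LDIF = """\
dn: CN=EXAMPLE,CN=Partitions,CN=Configuration,DC=example,DC=test
nCName: DC=example,DC=test
systemFlags: 3

dn: CN=a1b2c3,CN=Partitions,CN=Configuration,DC=example,DC=test
nCName: DC=ForestDnsZones,DC=example,DC=test
systemFlags: 5
msDS-NC-Replica-Locations: CN=NTDS Settings,CN=DC1,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=example,DC=test
msDS-NC-Replica-Locations: CN=NTDS Settings,CN=DC7,CN=Servers,CN=Branch,CN=Sites,CN=Configuration,DC=example,DC=test
"""

def parse_records(ldif):
    """Split simple LDIF text (no folded or base64 lines) into dicts of value lists."""
    records = []
    for block in re.split(r"\n\s*\n", ldif.strip()):
        rec = {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            rec.setdefault(name, []).append(value)
        records.append(rec)
    return records

def classify(flags):
    """Partition kind from crossRef systemFlags."""
    if not flags & FLAG_CR_NTDS_NC:
        return "external"
    if flags & FLAG_CR_NTDS_DOMAIN:
        return "domain"
    return "application" if flags & FLAG_CR_NTDS_NOT_GC_REPLICATED else "forest-wide"

def unexpected_replicas(ldif, approved):
    """Map each application partition to replica hosts missing from `approved`."""
    findings = {}
    for rec in parse_records(ldif):
        if classify(int(rec.get("systemFlags", ["0"])[0])) == "application":
            hosts = {re.search(r"CN=NTDS Settings,CN=([^,]+)", dn).group(1)
                     for dn in rec.get("msDS-NC-Replica-Locations", [])}
            extra = sorted(hosts - set(approved))
            if extra:
                findings[rec["nCName"][0]] = extra
    return findings
```

Calling `unexpected_replicas(SAMPLE_LDIF, {"DC1"})` reports DC7 as an unapproved host for ForestDnsZones; the schema and configuration partitions carry systemFlags 1 and classify as forest-wide.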
Application Directory Partitions.
Using the Active Directory Schema snap-in, add an attribute to the user account property for Employer ID Code.
Configuration: Contains the Configuration container, which stores configuration objects for the entire forest in cn=configuration,dc=forestRootDomain. Updates to this container are replicated to all domain controllers in the forest. Configuration objects store information about sites, services, and directory partitions. You can view the contents of the Configuration container by using ADSI Edit.
Schema: Contains the Schema container, which stores class and attribute definitions for all existing and possible Active Directory objects in cn=schema,cn=configuration,dc=forestRootDomain. Updates to this container are replicated to all domain controllers in the forest. You can view the contents of the Schema container in the Active Directory Schema console.
Domain: Contains a <domain> container (for example, the abc.com container), which stores users, computers, groups, and other objects for a specific Windows 2000 domain (for example, the abc.com domain). Updates to the <domain> container are replicated only to domain controllers within the domain, and to Global Catalog servers if the update is made to an attribute that is marked for replication to the Global Catalog. The <domain> container is displayed in the Active Directory Users and Computers console. The hierarchy of domain directory partitions can be viewed in the Active Directory Domains and Trusts console, where trust relationships between domains can be managed.
Each directory partition is a contiguous portion of the directory tree, and each one starts at a single point (the directory partition head) and spreads to either leaf nodes (for the schema and configuration directory partitions) or to the heads of other directory partitions below it (for domain directory partitions).
Each directory partition, therefore, has exactly one directory partition immediately above it in the tree (except for a tree root domain directory partition, which has only the rootDSE above it) and possibly more directory partitions immediately below it.
DomainDNSzones
Active Directory NCs (Naming Contexts)
* Active Directory consists of three partitions or naming contexts (NCs)
** Domain, Configuration and Schema naming contexts
* Each is replicated independently
* An Active Directory forest has a single schema and configuration
** Every domain controller (DC) holds a copy of each (schema and configuration NCs)
* A forest can have multiple domains
** Every domain controller in a domain holds a copy of the domain NC
The RODC refers to the additional domain controller for the domain that hosts the read-only partitions of the Active Directory database. It is designed to be deployed in a branch office environment.
Active Directory Federation Services was developed by Microsoft. It is a software component that can be installed on Windows. It is designed to maintain application security and implement federated identity.