[ Team LiB ] Previous Section Next Section

3.2 Configuration Naming Context

The Configuration NC is the primary repository for configuration information for a forest. Every domain controller in the forest replicates the Configuration NC, which is why it is considered forest-wide. The root of the Configuration NC is found in the Configuration container, which is a subcontainer of the forest root domain. For example, the mycorp.com forest would have a Configuration NC located at cn=configuration,dc=mycorp,dc=com.

Table 3-2 contains a list of the default top-level containers found in the Configuration NC.

Table 3-2. Default top-level containers of the Configuration NC

Relative Distinguished Name

Description

cn=DisplaySpecifiers

Container that holds display specifier objects, which define various properties and functions of the Active Directory MMC Snap-ins.

cn=Extended-Rights

Container for extended rights (controlAccessRight) objects.

cn=ForestUpdates

Contains objects that are used to represent the state of forest and domain functional level changes. This container is new in Windows Server 2003.

cn=LostandFoundConfig

Container for orphaned objects.

cn=NTDS Quotas

Container to store quota objects, which are used to restrict the number of objects that security principals can create in a partition or container. This container is new in Windows Server 2003.

cn=Partitions

Contains objects for each naming context, application partition, and external reference.

cn=Physical Locations

Contains location objects (physicalLocation), which can be associated with other objects to denote location of the object.

cn=Services

Store of configuration information about services such as FRS, Exchange, and even Active Directory itself.

cn=Sites

Contains all of the site topology and replication objects. This includes site, subnet, siteLink, server and nTDSCconnection objects, to name a few.

cn=WellKnown Security Principals

Holds objects representing commonly used foreign security principals, such as Everyone, Interactive, and Authenticated Users.

    [ Team LiB ] Previous Section Next Section