Active Directory database

Active directory database uses the “Extensible Storage Engine (ESE)” which is an indexed and sequential access method (ISAM) database. It is uses record-oriented database architecture which provides extremely fast access to records. ESE indexes the data in the database file. This database file can grow up to 16 terabyte and hold over 2 billion records.

AD Database

The default active directory database file location is C:\Windows\NTDS. This file location can easily change during the active directory installation. As a best practice it is always good if it can be save in different hard disk partition rather than operating system partition. 

AD database

Ntds.dit – This is the physical active directory database file. This is where all the active directory data stored. It holds domain info, schema info and configuration info. Mainly it contain 3 tables.
1)    Link table
2)    Data table
3)    Security Depositor table

The folder also contains the following related files:

  • chk

This file is a checkpoint file. Checkpoint files are commonly used in a transactional database system to keep track of which log file entries have been committed to the database. This is useful during a system crash to avoid data loss.

  • log.

There are typically multiple log files starting with “edb” such as edb0013A.log and edb0013B.log. Additionally, there is the edb.log file which is the active log file. These logs are the transaction logs used to record changes made in AD DS. All changes are first written to a transaction log and eventually make their way into the database a short time later.

  • edb.

As the name implies, this file is a temporary file used to track transactions that are taking place. It is also used when you run a database compaction job.

  • log and res2.log or edbres00001.jrs and edbres00002.jrs.

These log files are each 10MB in space and used in a situation where you are critically low on disk space on the system volume. In older versions of Windows Server, the res1.log and res2.log files are used. Since Windows Server 2008, the “edbres” naming is used, along with a new file extension of .jrs.

If you have any questions feel free to contact us on also follow us on facebook@windowstechno to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

Leave a Reply