Active Directory Database

IT administrators have been working with and around Active Directory since the technology was introduced in Windows 2000 Server. Windows 2000 Server was released on February 17, 2000, but many administrators began working with Active Directory in late 1999, when it was released to manufacturing (RTM) on December 15, 1999.

Inside the AD Database

The Active Directory database is made up of a single file named ntds.dit. By default, it is stored in the %SYSTEMROOT%\NTDS folder. The folder also contains the following related files:

  • edb.chk

This file is a checkpoint file. Checkpoint files are commonly used in a transactional database system to keep track of which log file entries have been committed to the database. This is useful during a system crash to avoid data loss.

  • edb.log

There are typically multiple log files starting with “edb” such as edb0013A.log and edb0013B.log. Additionally, there is the edb.log file which is the active log file. These logs are the transaction logs used to record changes made in AD DS. All changes are first written to a transaction log and eventually make their way into the database a short time later.

  • temp.edb

As the name implies, this file is a temporary file used to track transactions that are taking place. It is also used when you run a database compaction job.

  • res1.log and res2.log or edbres00001.jrs and edbres00002.jrs

These log files are each 10 MB in size and are used when you are critically low on disk space on the system volume. In older versions of Windows Server, the res1.log and res2.log files are used. Since Windows Server 2008, the “edbres” naming is used, along with a new file extension of .jrs.
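The file roles described above can be checked against a directory listing taken from a domain controller or a backup. The Python sketch below is an added example, not code from the original article; the function names, the hex-suffix pattern for numbered logs (generalized from names such as edb0013A.log) and the sample listing are assumptions constructed for illustration.

```python
import re

MB = 1024 * 1024

# Role of each file in the NTDS folder, as described in the article.
# Names are matched in lower case because Windows file names are case-insensitive.
ROLES = [
    ("database",        re.compile(r"ntds\.dit")),
    ("checkpoint",      re.compile(r"edb\.chk")),
    ("active_log",      re.compile(r"edb\.log")),
    ("transaction_log", re.compile(r"edb[0-9a-f]{5,8}\.log")),  # assumed pattern
    ("temp",            re.compile(r"temp\.edb")),
    ("reserve_log",     re.compile(r"res[12]\.log|edbres0000[12]\.jrs")),
]

def classify(name):
    """Return the role of one file name, or 'unexpected'."""
    for role, pattern in ROLES:
        if pattern.fullmatch(name.lower()):
            return role
    return "unexpected"

def audit(listing):
    """listing: iterable of (file_name, size_in_bytes) -> (roles, findings)."""
    roles, findings = {}, []
    for name, size in listing:
        role = classify(name)
        roles.setdefault(role, []).append(name)
        if role == "reserve_log" and size != 10 * MB:
            findings.append(f"{name}: reserve log is {size} bytes, expected 10 MB")
        if role == "unexpected":
            findings.append(f"{name}: not one of the files the article lists")
    for required in ("database", "checkpoint", "active_log"):
        if required not in roles:
            findings.append(f"missing {required} file")
    if len(roles.get("reserve_log", [])) != 2:
        findings.append("expected two reserve log files")
    return roles, findings

# Constructed sample listing (not taken from a real system).
SAMPLE = [
    ("ntds.dit", 48 * MB), ("edb.chk", 8192), ("edb.log", 10 * MB),
    ("edb0013A.log", 10 * MB), ("edb0013B.log", 10 * MB),
    ("temp.edb", 2 * MB), ("edbres00001.jrs", 10 * MB),
    ("edbres00002.jrs", 4 * MB),   # wrong size on purpose
    ("ntds.dit.bak", 48 * MB),     # stray copy of the database
]

if __name__ == "__main__":
    roles, findings = audit(SAMPLE)
    for line in findings:
        print(line)
```

A file reported as unexpected is not necessarily a problem; the finding only means the name falls outside the set the article describes and deserves a look.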

The Active Directory database is based on Microsoft’s Joint Engine Technology (JET), a database engine that was developed in 1992. Microsoft Access is also based on the JET technology.

Over the years, there have been rumors that Active Directory’s database would be moved over to SQL Server (similar to rumors for Microsoft Exchange) but so far, that doesn’t seem likely. I’ve heard third-hand that SQL was tested as the AD DS database engine but that performance issues prevented it from becoming the database standard.

Because AD DS is a single-use database, it can run effectively on JET technology (whereas JET technology may not be a good fit for the majority of transactional database needs, which often have multiple uses).

Microsoft chose to use the Indexed Sequential Access Method (ISAM) model for indexing data in the AD DS database.

To work with the data, including transferring data in and out of the database, the Extensible Storage Engine (ESE) is used. ESE helps to maintain a consistent, and therefore optimal, database, especially in the event of a system crash. ESE is sometimes called JET Blue and is used by other technologies besides Active Directory including Microsoft Exchange, Windows Server’s BranchCache, and Microsoft’s Desktop Search.

The database technologies for Active Directory have been around a long time. Each technology, by itself, could account for several pages of text to dive into how they work.

You will find more information about Active Directory basics in our AD tutorial for beginners.

Expert in Microsoft infrastructure and cloud-based solutions built around Windows, Active Directory, Azure, Microsoft Exchange, System Center, virtualization, and MDOP. In addition to authoring books, Brian writes training content, white papers, and is a technical reviewer on a large number of books and publications.