Directory Services

About Application Directory Partitions

Many developers who use ADSI or LDAP to store and access relatively static and globally interesting data in Active Directory would also prefer, for the sake of simplicity and uniformity, to continue using ADSI or LDAP access for their dynamic data requirements. Dynamic data is data that changes more frequently than what has been recommended for storing in Active Directory. Dynamic data typically changes faster than the replication latency involved in propagating the change to all replicas of the data.

In Windows 2000, the support for dynamic data is limited. Storing dynamic data in a domain partition is complex. The data is replicated to all domain controllers in the domain, which is often unnecessary and can result in inconsistent data due to replication latency. This can adversely impact network performance. In addition, domain partitions are not effective for applications that must replicate data across domain boundaries. Another option in Windows 2000 is to store dynamic data in attributes marked as non-replicated. However, this arrangement is limited in that it has a single point of failure, namely, the single domain controller housing the only copy of the object's non-replicated attributes.

Application directory partitions provide the ability to control the scope of replication and allow the placement of replicas in a manner more suitable for dynamic data. As a result, the application directory partition provides the capability of hosting dynamic data in Active Directory, thus allowing ADSI/LDAP access to it, without significantly impacting network performance.

The Windows 2000 DNS service is an example of a service that can take advantage of application directory partitions. In Windows 2000, if the DNS service is optionally configured to use Active Directory, the DNS zone data is stored in Active Directory in a domain partition. That is, the data is replicated to all domain controllers in the domain, regardless of whether a DNS server is configured to run on the domain controller. This is an instance where full domain-wide replication is superfluous. By storing the DNS zone data in an application directory partition, the service can redefine the scope of replication to only that subset of domain controllers in the domain that actually run the DNS server.
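
The following added example (not code from the original documentation) audits the replication scope described above: it picks application directory partitions out of crossRef records by their systemFlags bits and compares each partition's msDS-NC-Replica-Locations with the domain controllers that run the DNS server. The records, server names and the partition name DC=DnsData,DC=example,DC=com are constructed sample data standing in for an LDAP read of the Partitions container.

```python
# crossRef systemFlags bits
FLAG_CR_NTDS_NC = 0x1                 # naming context held by Active Directory
FLAG_CR_NTDS_DOMAIN = 0x2             # naming context is a domain partition
FLAG_CR_NTDS_NOT_GC_REPLICATED = 0x4  # not replicated to the global catalog

# Constructed site path; every name below is invented for the example.
SITE = "CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=example,DC=com"

def dsa(server):
    """DN of the NTDS Settings object of a (constructed) domain controller."""
    return f"CN=NTDS Settings,CN={server},{SITE}"

# Constructed crossRef records, shaped like entries under CN=Partitions.
CROSS_REFS = [
    {"nCName": "DC=example,DC=com", "systemFlags": 3},
    {"nCName": "CN=Configuration,DC=example,DC=com", "systemFlags": 1},
    {"nCName": "CN=Schema,CN=Configuration,DC=example,DC=com", "systemFlags": 1},
    {"nCName": "DC=DnsData,DC=example,DC=com", "systemFlags": 5,
     "msDS-NC-Replica-Locations": [dsa("DC1"), dsa("DC3")]},
]

def is_application_partition(cross_ref):
    """True for an AD naming context that is neither a domain nor GC-replicated."""
    flags = cross_ref.get("systemFlags", 0)
    return (bool(flags & FLAG_CR_NTDS_NC)
            and not flags & FLAG_CR_NTDS_DOMAIN
            and bool(flags & FLAG_CR_NTDS_NOT_GC_REPLICATED))

def server_of(dsa_dn):
    """Server name from an NTDS Settings DN (naive split: no escaped commas)."""
    return dsa_dn.split(",")[1].split("=", 1)[1]

def audit_scope(cross_refs, service_hosts):
    """Compare each application partition's replica set with the service hosts."""
    report = {}
    for cr in cross_refs:
        if not is_application_partition(cr):
            continue
        replicas = {server_of(dn) for dn in cr.get("msDS-NC-Replica-Locations", [])}
        report[cr["nCName"]] = {
            "replicas": sorted(replicas),
            "replica_without_service": sorted(replicas - service_hosts),
            "service_without_replica": sorted(service_hosts - replicas),
        }
    return report

if __name__ == "__main__":
    dns_servers = {"DC1", "DC2"}  # constructed: DCs that run the DNS server
    for nc, row in audit_scope(CROSS_REFS, dns_servers).items():
        print(nc, row)
```

A domain controller listed under replica_without_service holds data it does not need, and one under service_without_replica runs the service without a local copy of the partition.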

Consider the following scenarios for hosting a replica of an application directory partition:

Types of data that can be stored in an application directory partition include:

Some limitations of application directory partitions include:

Other application directory partition features include: