3.2 Configuration Naming Context
The Configuration NC is the primary
repository for configuration information for a forest. Every domain
controller in the forest replicates the Configuration NC, which is
why it is considered forest-wide. The root of the Configuration NC is
found in the Configuration container, which is a subcontainer of the
forest root domain. For example, the mycorp.com forest would have a
Configuration NC located at
cn=configuration,dc=mycorp,dc=com.
Table 3-2 contains a list of the default top-level
containers found in the Configuration NC.
Table 3-2. Default top-level containers of the Configuration NC
|
cn=DisplaySpecifiers
|
Container that holds display specifier objects, which define various
properties and functions of the Active Directory MMC Snap-ins.
|
|
cn=Extended-Rights
|
Container for extended rights (controlAccessRight) objects.
|
|
cn=ForestUpdates
|
Contains objects that are used to represent the state of forest and
domain functional level changes. This container is new in Windows
Server 2003.
|
|
cn=LostandFoundConfig
|
Container for orphaned objects.
|
|
cn=NTDS Quotas
|
Container to store quota objects, which are used to restrict the
number of objects that security principals can create in a partition
or container. This container is new in Windows Server 2003.
|
|
cn=Partitions
|
Contains objects for each naming context, application partition, and
external reference.
|
|
cn=Physical Locations
|
Contains location objects (physicalLocation), which can be associated
with other objects to denote location of the object.
|
|
cn=Services
|
Store of configuration information about services such as FRS,
Exchange, and even Active Directory itself.
|
|
cn=Sites
|
Contains all of the site topology and replication objects. This
includes site, subnet, siteLink, server and nTDSCconnection objects,
to name a few.
|
|
cn=WellKnown Security Principals
|
Holds objects representing commonly used foreign security principals,
such as Everyone, Interactive, and Authenticated Users.
|
|
