NTDS.DIT

KCC: (Knowledge Consistency Checker): 

It is a service of A.D., which is responsible for intimating, or updating the changes made either in DC or ADC.
Active Directory is saved in a file called NTDS.DIT
C:\windows\ntds\ntds.dit

NTDS.DIT - New Technology Directory Services. Directory Information Tree

It is a file logically divided into four partitions.
1. Schema partition
2. Configuration partition
3. Domain partition
4. Application partition

It is a set of rules schema defines AD, it is of 2 parts classes & attributes.
Ad is constructed with the help of classes and attributes.

1. Schema: 

Logical partition in AD database “template” for AD database.
· Forms the database structures in which data is stored.
· Extensible
· Dynamic
· Protect by ACL (Access Control Lists) DACLs and SACLs (Directory&System ACLs)
· One schema for AD forest.

Collection of objects is called class.
Piece of information about the object is called attribute.

2. Configuration Partition: 

Logical partition in AD database.
1 “map” of AD implementation
2 Contains information used for replication logon searches.
3 Domains
4 Trust relationships
5 Sites& site links
6 Subnets
7 Domain controller locations.

3. Domain Partition: 

1 Logical partition in AD database.
2 Collections of users, computers, groups etc.
3 Units of replication.
4 Domain controllers in a domain replicate with each other and contain a full copy of the domain partition for their domain.
5 DCs do not replicate domain partition information for other domains

4. Application Partition:

1 It is a newly added partition in win2003. It can be added or removed
2 It can be replicated only to the specified DCs.
3 Useful when we are using AD integrated services like DNS, TAPI services etc..