Directory Database

Directory Database is the central store of account and security information on a network.

What is Directory Database?

The central store of account and security information on a network. In Microsoft Windows NT and Windows 2000, the directory database resides on the domain controllers, which manage all security-related aspects of the network. In Windows NT, the directory database is generally called the Security Accounts Manager (SAM) database. In Windows 2000, the directory database is the database component of Active Directory.

The SAM database in Windows NT stores information about users, groups, and computers that participate in the domain. It also stores security policy information such as password expiration policies and audit policies. The SAM database stores its information in a privileged area of the registry.

NOTE

The practical upper limit for a SAM database is 40 MB, which corresponds to approximately 26,000 user and computer accounts. If an enterprise has more than 26,000 users, the Windows NT directory database can be partitioned (split) into two or more portions and trust relationships can be configured according to a multiple master domain model.