Application Directory Partition
In Windows Server 2003, Active Directory Domain Services supports application directory partitions.
Applications and services can use application directory partitions to store application-specific data. Application directory partitions can contain any type of object, except security principals, and can be configured to replicate to any set of domain controllers in the forest.
Unlike a domain partition, an application directory partition is not required to replicate to all domain controllers in a domain, and the partition can replicate to domain controllers in different domains of the forest.
Application directory partitions are usually created by the applications that will use them to store and replicate data. For testing and troubleshooting purposes, members of the Enterprise Admins group can manually create or manage application directory partitions using the Ntdsutil command-line tool.
Creating an Application Directory Partition
You can use the NTDSUTIL command-line tool to create and manage application directory partitions; some application vendors also include code in their applications to create the application directory partition.
Open a command prompt window and enter the NTDSUTIL command, followed by the DOMAIN MANAGEMENT command and the CONNECT TO SERVER servername command.
CREATE NC application_directory_partition domain_controller
CREATE NC DC=application,DC=test,DC=com Taz0000.test.com
Replicating the Application Directory Partition
ADD NC REPLICA application_directory_partition domain_controller
ADD NC REPLICA DC=application,DC=test,DC=com Taz0001.brienposey.com
The process for removing a replica is almost identical to creating it:
REMOVE NC REPLICA application_directory_partition domain_controller
The command for deleting an application directory partition is:
DELETE NC application_directory_partition
DELETE NC DC=application,DC=test,DC=com
Application Directory Partitions for DNS
DNS can use application directory partitions to store DNS data on Windows Server 2003–based domain controllers. DNS-specific application directory partitions are automatically created in the forest and in each domain when the DNS service is installed on new or upgraded Windows Server 2003–based domain controllers.
The creation and deletion of application directory partitions, including the default DNS application directory partitions, requires that the domain naming master role holder reside on a Windows Server 2003–based domain controller.
The following DNS-specific application directory partitions are created during Active Directory installation:
ForestDnsZones — A forest-wide application directory partition shared by all DNS servers in the same forest
DomainDnsZones — Domain-wide application directory partitions for each DNS server in the same domain
Replication Scope
Domain partition
Active Directory domain partition for each domain in the forest. DNS zones stored in this partition are replicated to all domain controllers in the domain. This is the only Active Directory storage option for DNS zones that are replicated to domain controllers running Windows 2000 Server.
Forest-wide DNS application directory partition
DNS application directory partition for the entire forest. DNS zones stored in this application directory partition are replicated to all DNS servers running on domain controllers in the forest. This DNS application directory partition is created when you install the DNS Server service on the first Windows Server 2003 domain controller in the forest.
Domain-wide DNS application directory partition
DNS application directory partition for each domain in the forest. DNS zones stored in this application directory partition are replicated to all DNS servers running on domain controllers in the domain. For the forest root domain, this DNS application directory partition is created when you first install the DNS Server service on a Windows Server 2003 domain controller in the forest.
Custom DNS application directory partition
DNS application directory partition for any domain controller that is enlisted in its replication scope. This type of DNS application directory partition does not exist by default and must be created. DNS zones stored in this application directory partition are replicated to all DNS servers running on domain controllers that enlist in the partition.
Use DNS Application Directory Partitions
Use application directory partitions for Active Directory–integrated DNS zones to reduce replication traffic and the amount of data stored in the global catalog.
After completing the upgrade of all Windows 2000–based domain controllers in the forest to Windows Server 2003, move the Active Directory–integrated DNS data on all DNS servers from the domain partition into the newly created DNS application directory partitions. This is done by changing the replication scope of the DNS zones.
Move the DNS zones that you want to replicate to all DNS servers in the forest to the forest-wide DNS application directory partition, ForestDnsZones. For each domain in the forest, move the DNS zones that you want to replicate to all DNS servers in the domain to the domain-wide DNS application directory partition, DomainDnsZones.
Domain-wide replication can be targeted to minimize replication traffic because administrators can specify which of the domain controllers running the DNS service receive the DNS zone data.
Forest-wide replication can be targeted to minimize replication traffic because DNS data is no longer replicated to the global catalog.
DNS records located on global catalog servers in the forest are removed, minimizing the amount of information replicated with the global catalog.
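The replication-scope change described above can be made and checked from the command line with dnscmd. The batch script below is an added example, not part of the original page; it assumes the page's sample server Taz0000.test.com and zone test.com, and moves that zone to the domain-wide partition.

```batch
@echo off
rem Added example: move an Active Directory-integrated zone out of the
rem domain partition into a DNS application directory partition.
rem DNS_SERVER and ZONE are assumptions taken from the page's sample names.
setlocal
set DNS_SERVER=Taz0000.test.com
set ZONE=test.com

rem 1. List the DNS application directory partitions this server knows about
rem    and whether it is enlisted in each of them.
dnscmd %DNS_SERVER% /EnumDirectoryPartitions
if errorlevel 1 goto fail

rem 2. List the zones still stored in the domain partition, the only
rem    storage option that Windows 2000 domain controllers replicate.
dnscmd %DNS_SERVER% /EnumZones /LegacyDirectoryPartition

rem 3. Record where the zone is stored before changing anything.
dnscmd %DNS_SERVER% /ZoneInfo %ZONE%

rem 4. Change the replication scope to the domain-wide partition
rem    (DomainDnsZones). Use /forest instead of /domain for ForestDnsZones,
rem    or /legacy to put the zone back in the domain partition.
dnscmd %DNS_SERVER% /ZoneChangeDirectoryPartition %ZONE% /domain
if errorlevel 1 goto fail

rem 5. Verify: the zone should now be listed under the domain-wide partition
rem    and no longer under the legacy (domain partition) listing.
dnscmd %DNS_SERVER% /EnumZones /DomainDirectoryPartition
dnscmd %DNS_SERVER% /EnumZones /LegacyDirectoryPartition
goto :eof

:fail
rem Stop if dnscmd returned a non-zero exit code.
echo dnscmd returned errorlevel %errorlevel%; zone storage was not verified.
exit /b 1
```

Run it only after every domain controller that hosts the zone runs Windows Server 2003, because zones in application directory partitions do not replicate to Windows 2000 Server domain controllers.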
To view the records for the various DNS partitions
The DNS application directory partitions are not displayed by all Active Directory administrative tools. To see these directory partitions, you can use dnscmd (command-line tool) or ADSI Edit (adsiedit.msc) in Support Tools.
To view the records for the various DNS partitions or to delete the Test.com zone in the desired directory partition(s), follow these steps.
Click Start, click Run, type adsiedit.msc, and then click OK.
In the console tree, right-click ADSI Edit, and then click Connect to.
Click Select or type a Distinguished Name or Naming Context, type the following text in the list, and then click OK:
DC=ForestDNSZones, DC=Test, DC=com
In the console tree, double-click DC=ForestDNSZones, DC=Test, DC=com.
Double-click CN=MicrosoftDNS, and then click the zone (Test.com). You should now be able to view the DNS records that exist in this DNS partition.