What is writable or read-only directory partitions

    Question

  • 1. What are writable directory partitions (naming contexts)?

    2. What are read-only directory partitions (naming contexts)?

    3. How do I confirm, for each domain controller, whether each partition is writable or read-only?

    4. I found the document below, which says each domain controller stores writable schema, configuration and domain partitions. So is the application partition a read-only partition?

    In this document https://technet.microsoft.com/en-us/library/cc961795.aspx 

    Each domain controller stores at least three full, writable directory partition replicas as follows:

    • The schema partition, which contains all class and attribute definitions for the forest. There is one schema directory partition per forest.

    • The configuration partition, which contains replication configuration information (and other information) for the forest. There is one configuration directory partition per forest.

    • The domain partition, which contains all objects that are stored by one domain. There is one domain directory partition for each domain in the forest.

    Friday, April 14, 2017 12:45 AM

All replies

  • Hi georchangx,

    For now, I haven't found information about read-only directory partitions from Microsoft. When you create a new domain, a domain directory partition is created in Active Directory as an instance of the class domainDns and is added to the list of domain partitions in the Partitions container.
    "Every domain controller holds at least one directory partition that stores domain data, such as users, groups, and OUs. Every domain controller also stores two nondomain directory partitions that store forest-wide data, which includes the schema and configuration data."

    Different categories of data are stored in replicas of different directory partitions. Based on my knowledge, Microsoft mainly mentions the different directory partitions for these different kinds of data, but does not specify whether these are writable directory partitions or read-only directory partitions.

    You could also refer to the articles for more details.

    https://technet.microsoft.com/en-us/library/cc772726(v=ws.10).aspx

    https://technet.microsoft.com/en-us/library/cc961591.aspx

    Best Regards,

    Mary


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, April 14, 2017 12:36 PM
    Moderator
  • Hi Mary

    I want to fix lingering objects and I found the blog below. This document has more detail about writable and read-only NCs, but I don't understand what it means.

    "An abandoned object is an object created on one DC that never got replicated to other DCs hosting a writable copy of the NC but does get replicated to DCs/GCs hosting a read-only copy of the NC. The originating DC goes offline prior to replicating the originating write to other DCs that contain a writable copy of the partition."

    https://blogs.technet.microsoft.com/askds/2014/09/15/remove-lingering-objects-that-cause-ad-replication-error-8606-and-friends/

    Sunday, April 16, 2017 4:09 PM
  • Hi georgechangx,

    I guess that may be related to this: lingering objects are most frequently found in read-only domain partitions on GCs (this part, in my understanding, is RODC; I am mainly going by the Microsoft articles you mentioned). Lingering objects may also exist in writable domain partitions as well as the configuration partition.
    In addition, you could also check the KB below about error 8606.

    https://support.microsoft.com/en-sg/help/2028495/troubleshooting-ad-replication-error-8606-insufficient-attributes-were-given-to-create-an-object

    Best Regards,

    Mary



    Monday, April 17, 2017 7:54 AM
    Moderator
  • Hi Georgechangx,

    I recently worked on RODCs and writable DCs (RWDC), so I have explored the differences.

    When an AD database is held by an RODC, all partitions (including the application partition) become read-only because you cannot update or change their data. When an AD database is held by a writable DC, all those partitions are both readable and writable because you can read and write the data in them.

    As we know, the DNS data is stored in an application partition in the AD database. So when the AD database is held by a read-only DC, you cannot alter the DNS data in the application partition. When the AD database is held by a writable DC, you can change the DNS data placed in the application partition.

    Hope this helps.

    / Karim
     



    Tuesday, April 18, 2017 8:49 AM
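
For question 3 in this thread, one way to list which partitions each domain controller holds as writable or read-only replicas. This is an added example, not code from any of the posters; it assumes the ActiveDirectory PowerShell module (RSAT) and read access to the configuration partition, and it reads the replica lists that Active Directory records on each DC's NTDS Settings object.

```powershell
# Added example: read-only queries, nothing in the directory is modified.
# Assumes the ActiveDirectory module (RSAT) is installed on the machine running it.
Import-Module ActiveDirectory

# Attributes on the NTDS Settings (nTDSDSA) object that list hosted naming contexts.
$replicaKinds = [ordered]@{
    'msDS-hasMasterNCs'      = 'Writable (full replica)'
    'msDS-hasFullReplicaNCs' = 'Read-only (full replica, RODC)'
    'hasPartialReplicaNCs'   = 'Read-only (partial replica, GC)'
}

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    # NTDSSettingsObjectDN points at this DC's nTDSDSA object in the configuration partition.
    $dsa = Get-ADObject -Identity $dc.NTDSSettingsObjectDN `
        -Properties 'msDS-hasMasterNCs', 'msDS-hasFullReplicaNCs', 'hasPartialReplicaNCs'

    foreach ($attr in $replicaKinds.Keys) {
        # An attribute that is not set yields $null, so the inner loop simply does not run.
        foreach ($nc in $dsa.$attr) {
            [pscustomobject]@{
                DomainController = $dc.HostName
                IsReadOnlyDC     = $dc.IsReadOnly
                IsGlobalCatalog  = $dc.IsGlobalCatalog
                Partition        = $nc
                Replica          = $replicaKinds[$attr]
            }
        }
    }
}

$report | Sort-Object DomainController, Partition | Format-Table -AutoSize
```

Application partitions such as DomainDnsZones and ForestDnsZones appear in the output wherever a DC holds a replica of them, so the same table shows how each DC holds them.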