Академический Документы
Профессиональный Документы
Культура Документы
http://windowsitpro.com/article/articleid/43843/windows-tips--tricks-update--august-
30-2004.html
ADAM, which was introduced with Windows Server 2003, addresses requirements of
directory-enabled applications that don't need to store their data in Active Directory
(AD) but could still benefit from the security and authentication AD can offer.
For example, an application might have to store a large amount of information that
other applications don't need or that doesn't need to be replicated to every domain
controller (DC). ADAM uses a separate database that has many of AD's features
(e.g., schema, replication, management) but is totally separate from AD. This
separate database means that you can have a separate schema for each ADAM
instance--a feature that can be useful for testing. Like AD, ADAM offers a Lightweight
Directory Access Protocol (LDAP) interface that lets LDAP- and AD-based applications
seamlessly use ADAM.
Say you need to store a large amount of extra information about your users for an
application or a portal. Typically, you'd have to change the AD schema to enable this
information to be stored in AD, but because the AD schema is forestwide, you might
hesitate to change it. Instead of changing the schema, you can create an ADAM
instance to store all the extra attributes for the users. The application or portal could
authenticate against AD, then look up the additional information in ADAM.
ADAM runs as a nonsystem service and doesn't have to run on a DC. And because it's
a nonsystem service, you can have multiple instances of ADAM running on one box.
(However, you must configure each instance to listen on a unique LDAP port--for
example, only one instance could use the default ports 389 and 636.) The following
platforms support ADAM:
Windows Server 2003, Web Edition doesn't support ADAM; however, you can install
ADAM on Windows XP SP1 and above, which is useful for developer testing.
Many tools you use for AD management also apply to ADAM, such as the Repadmin
command, the Microsoft Management Console (MMC) ADSI Edit snap-in, and LDP.
ADAM also offers its own ADAM-specific tools such as Dsdbutil (ADAM's version of
Ntdsutil) and Dsmgmt. For more information about ADAM, as well as the
downloadable files you need to install it, go to
http://www.microsoft.com/windowsserver2003/adam/default.mspx.
ADAM is now installed. You can check your installation by starting the ADAM ADSI
Edit tool and making sure you can connect. If you run the command “net start” at a
command prompt, you'll see a service listed that's the name of your instance
(without the ADAM_ prefix). If you received an error during installation about creating
a folder in the \windows\adam folder, simply manually create an empty \adam folder
under the \windows folder and retry the installation.
A. ADAM lets you replicate partitions between ADAM servers. Like trees in an AD
forest, the ADAM servers must share a common configuration and schema to
replicate a partition. To add a replica to an existing ADAM instance, perform the
following steps:
1. Double-click adamsetup.exe.
2. At the "Welcome to the Active Directory Application Mode Setup Wizard" screen,
click Next.
3. Select the "I accept the terms in the license agreement" option and click Next.
4. Under the installation options, select to install "ADAM and ADAM administration
tools" and click Next.
5. You can now select the type of instance to create--a new unique instance or a
replica of an existing instance. Select the "A replica of an existing instance" option
and click Next.
6. Enter the instance name for this ADAM installation. This name, with the prefix
ADAM_ appended to it, names the service--for example, if you enter the name
portal1, the service name is ADAM_portal1. Click Next. To simplify matters, you might
want to give this instance the same name as the instance you're replicating from.
7. Next, you're asked to specify the Lightweight Directory Access Protocol (LDAP)
ports to use. Enter the port numbers you want and click Next. For more information
about LDAP ports, see the FAQ "How can I install Active Directory Application Mode
(ADAM)?".
8. At the window that the figure at
http://www.windowsitpro.com/articles/images/adamreplicaadd1.gif shows, enter the
existing server name and the number of its LDAP port that you want to join. (Specify
a host or DNS name for the server name, not an IP address.) Click Next.
9. You're asked for credentials to be used to add this ADAM instance to the existing
configuration set. Either select the current logged-on account or enter an account to
use; click Next.
10. A list of partitions that are available on the existing ADAM server is displayed.
Select the partitions you want to replicate and click Next.
11. Proceed with the steps as if you're performing a unique ADAM installation, as
described in "How can I install Active Directory Application Mode (ADAM)?".
If the replica addition works, ADSI Edit should now display the contents of your
partition. It's a good idea to create an object in one copy of the replica and make
sure it's replicated to the other members of the replica set. If the partition isn't
cached, it hasn't replicated. If this occurs, you could try stopping and starting the
ADAM service on the replica system, then try to reconnect.