Q. What's Active Directory Application Mode (ADAM)?
August 26, 2004
A. ADAM, which was introduced with Windows Server 2003, addresses requirements of directory-enabled applications that don't need to store their data in Active Directory (AD) but could still benefit from the security and authentication AD can offer. For example, an application might have to store a large amount of information that other applications don't need or that doesn't need to be replicated to every domain controller (DC). ADAM uses a separate database that has many of AD's features (e.g., schema, replication, management) but is totally separate from AD. This separate database means that you can have a separate schema for each ADAM instance--a feature that can be useful for testing. Like AD, ADAM offers a Lightweight Directory Access Protocol (LDAP) interface that lets LDAP- and AD-based applications seamlessly use ADAM.
Say you need to store a large amount of extra information about your users for an application or portal. Typically, you'd have to change the AD schema to enable this information to be stored in AD. But, because the AD schema is forestwide, you might hesitate to change it. Instead of changing the schema, you can create an ADAM instance to store all the extra attributes for the users. The application or portal could authenticate against AD, then look up the additional information in ADAM.
ADAM runs as a nonsystem service and doesn't have to run on a DC. And because it's a nonsystem service, you can have multiple instances of ADAM running on one box. (However, you must configure each instance to listen on a unique LDAP port--for example, only one instance could use the default ports 389 and 636.) The following platforms support ADAM:
Windows Server 2003, Standard Edition
Windows Server 2003, Enterprise Edition
Windows Server 2003, Datacenter Edition
Windows XP Professional Edition Service Pack 1 (SP1)
Windows Server 2003, Web Edition doesn't support ADAM; however, you can install ADAM on Windows XP SP1 and above, which is useful for developer testing.
Many tools you use for AD management also apply to ADAM, such as the Repadmin command, the Microsoft Management Console (MMC) ADSI Edit snap-in, and LDP. ADAM also offers its own ADAM-specific tools such as Dsdbutil (ADAM's version of Ntdsutil) and Dsmgmt. For more information about ADAM, as well as the downloadable files you need to install it, go to http://www.microsoft.com/windowsserver2003/adam/default.mspx.
About the Author
You May Also Like