1 Ntds.dit – is the main AD database file. NTDS stands for New Technology Directory Services. The DIT stands for Directory Information Tree.
- contains all naming contexts hosted by that domain controller, including the Configuration and Schema naming contexts.
- A Global Catalog server stores the partial naming context replicas in the Ntds.dit right along with the full Domain naming context for its domain.
2 Edb.log –is a transaction log. Any changes made to objects in Active Directory are first saved to a transaction log. During non-peak times in CPU activity, the database engine commits the transactions into the main Ntds.dit database. This ensures that the database can be recovered in the event of a system crash. Entries that have not been committed to Ntds.dit are kept in memory to improve performance. Transaction log files used by the ESE (Extensible Storage Engine is an Indexed Sequential Access Method (ISAM) data storage technology from Microsoft. ESE is the core of Microsoft Exchange Server and Active Directory.) engine are always 10MB.
3-Edbxxxxx.log – are auxiliary transaction logs used to store changes if the main Edb.log file gets full before it can be flushed to Ntds.dit.
- The xxxxx stands for a sequential number in hex. When the Edb.log file fills up, an Edbtemp.log file is opened. The original Edb.log file is renamed to Edb00001.log, and Edbtemp.log is renamed to Edb.log file,
- Excess log files are deleted after they have been committed. You may see more than one Edbxxxxx.log file if a busy domain controller has many updates pending.
4 Edb.chk – is a checkpoint file. It is used by the transaction logging system to mark the point at which updates are transferred from the log files to Ntds.dit.
As transactions are committed, the checkpoint moves forward in the Edb.chk file. If the system terminates abnormally, the pointer tells the system how far along a given set of commits had progressed before the termination.
5 Res1.log and Res2.log – are reserve log files. If the hard drive fills to capacity just as the system is attempting to create an Edbxxxxx.log file, the space reserved by the Res log files is used.
- The system then puts a dire warning on the screen prompting you to take action to free up disk space quickly before Active Directory gets corrupted.
- You should never let a volume containing Active Directory files get even close to being full. File fragmentation is a big performance thief, and fragmentation increases exponentially as free space diminishes.
- Also, you may run into problems as you run out of drive space with online database defragmentation (compaction). This can cause Active Directory to stop working if the indexes cannot be rebuilt.
6.Temp.edb – is a scratch pad used to store information about in-progress transactions and to hold pages pulled out of Ntds.dit during compaction.
7. Schema.ini – is used to initialize the Ntds.dit during the initial promotion of a domain controller. It is not used after that has been accomplished
source : https://servergeeks.wordpress.com/2013/04/22/active-directory-database-and-log-files/