Export (0) Print
Expand All

3.1.1.5.2.6 NC Requirements

The following requirements apply to DN s of AD DS NCs (the set of NCs that are parts of the Active Directory forest) other than the config NC and schema NC:

  • Each RDN label within the DN has the DC= type.

  • Each RDN label within the DN has a value, which is a valid DNS name label.

The following requirements apply to DN s of all Active Directory NCs:

  • The full DN of the NC does not match the DN of another existing object in an Active Directory NC.

  • If the immediate parent of the NC is not an Active Directory NC, then none of the ancestors (grandparent, grand-grandparent, and so on) are an Active Directory NC. In other words, the set of Active Directory NCs is a set of nonintersecting trees, and each tree does not have "holes".

The following requirements apply to the data stored in NC roots:

  • IT_NC_HEAD bit is set in the instanceType attribute.

  • If the NC has an immediate parent (which must be an NC root per the preceding rules), then IT_NC_ABOVE bit is be set in its instanceType attribute.

  • If the NC has child NCs, then their DNs are listed in its subRefs attribute.

If any server has a replica of the NC and of an NC C, which is a child of the NC, then the NC root of C is the subordinate reference object of C. If the server does not have a replica of C, then an object o is present in the server and satisfies the following requirements, and o is the subordinate reference object of C.

Object o is not exposed through the LDAP protocol. For information about the replication of subordinate reference objects, see [MS-DRSR] sections 4.1.1.2.2, 4.1.20.2, 5.6, and 5.32.

The default structure of data in NCs is covered in Naming Contexts in section 6.1.1.1.

 
Show:
© 2014 Microsoft