Compartir a través de


Database/Configuration

Applies To: Windows Server 2008 R2

Database/configuration is a process that ensures that the security database is initialized, properly configured, and available for use by the system.

Aspects

The following is a list of all aspects that are part of this managed entity:

Name Description

Account Lockout

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to lock out the account that exceeded the threshold for the number of incorrect passwords entered.

Database Commit

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to write changes to its database.

Directory Services Restore Mode

An administrator can restart a domain controller into a special maintenance and diagnostic mode, which is known as Directory Services Restore Mode. An adminstrator can use this startup option to perform checks on the directory database, compact the database, or even completely restore the database.

Domain Functional Level

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to change the domain functional level to a state that provides new features but has less compatibility with earlier versions of the operating system.

Network Interface Initialization

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to initialize its network connection.

Notification Package

During a password reset or change operation for a user account, the system notifies any registered software notification packages about the update. Registered software notification packages may update their own private credential state concerning the user account. If such an update fails, a software notification package authentication operation may fail. A software notification package failure may prevent users from accessing resources. Examples of software notification packages (specifically, security software packages) that register for password change notifications include the following: Kerberos, NTLM, Digest, and SChannel, as well as non-Microsoft software.

Security Configuration

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to secure the computer accounts by removing the default Full Control permissions, which are assigned to the Builtin Account Operators group, from the access control entry (ACE) of a computer account.

Universal and Global Group Caching

The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to enable or disable group membership caching.

Active Directory