.svg){kind=link}
/Resources/Images/Deterministic MAC.svg){kind=link}
/Resources/Images/HMAC.svg){kind=link}
/Resources/Images/MAC Example Mechanism.svg){kind=link}
/Resources/Images/MAC Mechanism.svg){kind=link}
/Resources/Images/Message Authentication Code.svg){kind=link}
/Resources/Images/ARP Address Resolution.svg){kind=link}
/Resources/Images/Reverse Address Resolution.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Classful IP Address Format.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Default Subnet Masks.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/IP Dotted Decimal.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/IPv4 Datagram.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/IPv4 Fragmentation Flags.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/IPv4 Option.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Network and Host ID.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Subnet Mask.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Subnetting.svg){kind=link}
/Internet Protocol v4 (IPv4)/Resources/Images/Subnetting Summary.svg){kind=link}
/Management Frames/Resources/Images/802_11_authentication.svg){kind=link}
/Management Frames/Resources/Images/Association_Request.svg){kind=link}
/Management Frames/Resources/Images/Association_Response.svg){kind=link}
/Management Frames/Resources/Images/Authentication_Frame.svg){kind=link}
/Management Frames/Resources/Images/Beacon_Frame.svg){kind=link}
/Management Frames/Resources/Images/BSS_Load_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Capability_Information.svg){kind=link}
/Management Frames/Resources/Images/Challenge_Text_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Channel_Switch_Announcement_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Country_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Deassociation_Frame.svg){kind=link}
/Management Frames/Resources/Images/Deauthentication_Frame.svg){kind=link}
/Management Frames/Resources/Images/DS_Parameter_Set_MFIE.svg){kind=link}
/Management Frames/Resources/Images/ERP_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Extended_Supported_Rates_MFIE.svg){kind=link}
/Management Frames/Resources/Images/IBSS_DFS_MFIE.svg){kind=link}
/Management Frames/Resources/Images/IBSS_DFS_MFIE 1.svg){kind=link}
/Management Frames/Resources/Images/IBSS_Parameter_Set.svg){kind=link}
/Management Frames/Resources/Images/Management_Frame.svg){kind=link}
/Management Frames/Resources/Images/MFIE.svg){kind=link}
/Management Frames/Resources/Images/Power_Capability_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Power_Constraint_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Probe_Request_Frame.svg){kind=link}
/Management Frames/Resources/Images/Probe_Response_Frame.svg){kind=link}
/Management Frames/Resources/Images/Quiet_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Quiet_MFIE 1.svg){kind=link}
/Management Frames/Resources/Images/Reassociation_Request.svg){kind=link}
/Management Frames/Resources/Images/Request_Information_MFIE.svg){kind=link}
/Management Frames/Resources/Images/RSN_MFIE.svg){kind=link}
/Management Frames/Resources/Images/SSID_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Supported_Channels_MFIE.svg){kind=link}
/Management Frames/Resources/Images/Supported_Rates_MFIE.svg){kind=link}
/Management Frames/Resources/Images/TPC_Report_MFIE.svg){kind=link}
/Management Frames/Resources/Images/TPC_Request_MFIE.svg){kind=link}
/Management Frames/Resources/Images/WiFi_authentication_association.svg){kind=link}
/Resources/Images/8021X_entities.svg){kind=link}
/Resources/Images/EAP_FAST.svg){kind=link}
/Resources/Images/EAP_TLS.svg){kind=link}
/Resources/Images/LEAP.svg){kind=link}
/Resources/Images/MAC_Header_QoS.svg){kind=link}
/Resources/Images/PEAP.svg){kind=link}
/Resources/Images/Shared_Key_Auth.svg){kind=link}
/Resources/Images/WEP_RC4.png){kind=link}
/Resources/Images/WiFi_Integrity_MIC.svg){kind=link}
/Resources/Images/WLAN_Frame.svg){kind=link}
/Resources/Images/WLAN_Frame_Control.svg){kind=link}
/Resources/Images/bloodhound/domainadmins.png){kind=link}
/Resources/Images/bloodhound/importedsummary.png){kind=link}
/Resources/Images/bloodhound/sharphoundcollector.png){kind=link}
/Resources/Images/bloodhound/uploaddata.png){kind=link}
/Resources/Images/getdomaincomputers.png){kind=link}
/Resources/Images/getdomaingroups.png){kind=link}
/Resources/Images/getdomainpolicy.png){kind=link}
/Resources/Images/getdomainuserproperty.png){kind=link}
/Resources/Images/getnetdomain.png){kind=link}
/Resources/Images/getnetdomaincontroller.png){kind=link}
/Resources/Images/getnetgpo.png){kind=link}
/Resources/Images/getnetusersamaccname.png){kind=link}
/Resources/Images/getsystemaccessdomainpolicy.png){kind=link}
/Resources/Images/powershell-ep-bypass.png){kind=link}
/Resources/Images/Subdomain Enumeration/httprobe Example.png){kind=link}
/Resources/Images/Subdomain Enumeration/Sublist3r Example.png){kind=link}
/Resources/Images/recon-ng-modules-load.png){kind=link}
/Resources/Images/recon-ng-workspaces-list.png){kind=link}
/Resources/Images/Reverse Whois Lookup.png){kind=link}
/Resources/Images/theHarvester-simple-results.png){kind=link}
/Resources/Images/whois lookup.png){kind=link}
/Resources/Images/Domain Controllers/View Domain Naming Master.png){kind=link}
/Resources/Images/Domain Controllers/View Schema Master.png){kind=link}
/Resources/Images/Groups/Group Creation.png){kind=link}
/Resources/Images/Hierarchy/Domain Tree Example.svg){kind=link}
/Resources/Images/Hierarchy/Transitive Trust.svg){kind=link}
/Resources/Images/Naming Contexts/Create Application Partition.png){kind=link}
/Resources/Images/Naming Contexts/Delete Application Partition.png){kind=link}
/Resources/Images/Naming Contexts/LDP Connect.png){kind=link}
/Resources/Images/Naming Contexts/LDP Naming Contexts.png){kind=link}
/Resources/Images/Naming Contexts/Naming Context Segregation.png){kind=link}
/Resources/Images/Naming Contexts/PowerShell Naming Contexts.png){kind=link}
/Schema/Resources/Images/Active Directory Module for PowerShell.png){kind=link}
/Schema/Resources/Images/Add Schema Snap-In MMC.png){kind=link}
/Schema/Resources/Images/ADSI Edit Configuration NC.png){kind=link}
/Schema/Resources/Images/ADSI Edit Schema NC.png){kind=link}
/Schema/Resources/Images/ADSI Edit Schema Version.png){kind=link}
/Schema/Resources/Images/Index Attribute.png){kind=link}
/Schema/Resources/Images/Inheritance Tree of user.svg){kind=link}
/Schema/Resources/Images/Launc MMC.png){kind=link}
/Schema/Resources/Images/Schema Version PowerShell.png){kind=link}
Introduction
The distributed nature of Active Directory necessitates data segregation. These partitions which organise various data are called Naming Contexts (NCs), also known as directory partitions. Active Directory comes with three types of predefined naming contexts:
- Domain Naming Context - for each domain in the forest;
- Configuration Naming Context - one per forest;
- Schema Naming Context - one per forest.
Additionally, administrators can define additional naming contexts for organising data by using Application Partitions.
One can inspect the naming contexts accessible to a given domain controller by using LDP. Launch ldp.exe and from the toolbar navigate to Connection -> Connect. Type in the IP address of the domain controller you want to inspect and click OK.
This will produce a lot of information, so one needs to look out for the namingContexts attribute. The various naming contexts are given with their distinguished names and are separated by semicolons:
Alternatively, one can use PowerShell:
Get-ADRootDSE -Server <IP> | Select-Object -ExpandProperty namingContexts
Domain Naming Context
Every domain in an Active Directory environment has a Domain Naming Context designed for storing data pertaining to that specific domain. The root of this directory partition is called the NC head and is represented by the domain's distinguished name (in this case dc=cybercorp,dc=com). Every domain controller in the domain maintains a copy of the domain's naming context.
Configuration Naming Context
The Configuration Naming Context stores configuration information about the entire forest and is located under the configuration container cn=Configuration,dc=<forest root domain>,dc=<forest root domain extension> (in the example case, cn=Configuration,dc=cybercorp,dc=com). The configuration partition is replicated to every domain controller inside the forest. Furthermore, writable domain controllers maintain a writable copy of it.
Schema Naming Context
The Schema Naming Context contains the Schema of the Active Directory environment. Since there is a single schema for the entire forest, this partition is also replicated to every domain controller in the forest. It can be found under cn=Schema,Configuration,dc=<forest root domain>,dc=<forest root domain extension>.
Although the Schema NC appears to be a child of the Configuration NC, they are actually completely separate, which can be seen in ADSI Edit.
Application Partitions
Application partitions allow administrators to create custom data storage areas on domain controllers of their choice, rather than entire domains or the forest. One can easily define which domain controllers should maintain a replica of a given application partition because Active Directory automatically sets up the replication after the domain controllers are chosen.
Naming application partitions is similar to naming domains - for example, dc=apppartition,dc=cybercorp,dc=local. Furthermore, the location of an application partition is rather flexible. They can be positioned under domains, under other application partitions or they can be the root of an entirely new domain tree.
There are, however, certain limitations to the objects that an application partition may contain. Application partitions cannot store security principals and the objects within cannot be relocated outside the partition. Moreover, objects in an application partition are not tracked by the Global Catalog.
One can create application partitions via ntdsutil.exe. Run the executable and type in partition management. Create an application partition with the following syntax:
create nc <partition DN> <domain controller>
Contrastingly, deleting an application partition is done by deleting the crossRef object corresponding to the partition in the Configuration NC.
Simply navigate to the Partitions container in the Configuration NC and delete the application partition's crossRef object.
This is again done through ntdsutil.exe. Run the executable and type in partition management. You will need to first connect to the domain controller which you want to maintain a replica of the application partition. Type in connections and then use the following command:
connect to server <domain controller>
Type in quit to return to the partition management menu and use the following syntax to add the domain controller as a replica:
add nc replica "<partition DN>" <domain controller>