3.1.1.1 Database Views

The following names represent the columns of the views that are specified in this section:

• Domain DNS Name

• Domain NetBIOS Name

• Domain SID

• Security Principal Name

• Additional Security Principal Name

• Default User Principal Names

• User Principal Name

• Security Principal SID

• Security Principal SID History

• Security Principal Type

Domain SID, Security Principal Name, Security Principal SID, and Security Principal Type are mandatory columns that MUST have values, while the rest MAY have values.

Some views are populated with constants, while others are populated by extracting current information from various domain databases. The specific views and how they are populated are described in the following paragraphs and subsections.

When a view is populated by extracting current information from the domain database of a selected domain, and the database or a replica of the database is local to the server, the server MUST use the local values. If the security database or a replica is not local, the server MUST use values from a remote replica. For remote values, there are no consistency guarantees from call to call; that is, the view might contain values from a different remote replica on each call.

The following assumptions are made for all views:

• Security Principal SID forms a unique key for each row.

• The Security Principal Name and Domain NetBIOS Name pair forms a unique key for each row.

• If Domain DNS Name is not empty, the Security Principal Name and Domain DNS Name pair forms a unique key for each row.

• If Additional Security Principal Name is not empty, the Additional Security Principal Name and Domain NetBIOS Name pair forms a unique key for each row.

• If Additional Security Principal Name and Domain DNS Name are not empty, the Additional Security Principal Name and Domain DNS Name pair forms a unique key for each row.

These assumptions MUST be held true by the database implementations from which these views are created.<17>