Directory System Agent

The directory system agent (DSA) is the process that provides access to the store . The store is the physical store of directory information that is located on a hard disk. In Active Directory, the DSA is part of the Local Security Authority (LSA) process in Windows 2000. The DSA manages the directory; therefore, it understands what each directory object and function represents. For example, when you create objects, the DSA knows how to check the Active Directory schema to identify the mandatory and optional attributes for that particular object

The DSA also manages other relationships, such as replication topology, by identifying when events are going to force replication synchronization. Therefore, it implements the directory service itself. Clients gain access to the directory by using one of the following mechanisms supported by the DSA:

  • LDAP clients connect to the DSA by using the LDAP protocol. Windows 2000–based clients, and Microsoft® Windows® 98–based or Microsoft® Windows® 95–based clients with the Active Directory client components installed, use LDAPv3 to connect to the DSA.

  • Messaging application programming interface (MAPI) clients, such as Microsoft® Exchange Server version 5.5, connect to the DSA by using the MAPI remote procedure call (RPC) interface.

  • Windows clients that use Microsoft® Windows NT® version 4.0 or earlier connect to the DSA by using the Security Accounts Manager (SAM) interface.

  • Active Directory domain controllers connect to each other to perform replication by using a proprietary RPC implementation.

For more information about the DSA, see "Active Directory Data Storage" in this book.