Share via


SAM

Applies To: Windows Server 2008 R2

The Security Accounts Manager (SAM) is a database that stores user accounts and security descriptors for users on the local computer.

Managed Entities

The following is a list of the managed entities that are included in this managed entity:

Name Description

Account Management

Account management includes all aspects of creating, modifying, and deleting user accounts. This includes detection of duplicate accounts and security identifiers (SIDs).

Database/Configuration

Database/configuration is a process that ensures that the security database is initialized, properly configured, and available for use by the system.

DB Upgrade/DC Promotion/DC Demotion

The Security Accounts Manager (SAM) database changes state (active or inactive):

  • During an operating system upgrade.
  • When a server becomes a domain controller.
  • When a server is no longer a domain controller.

The database upgrade, domain controller installation, and domain controller removal processes are designed to track events that are related to SAM state changes.

RID Manager

The relative ID (RID) manager is responsible for providing numbers that are used to create unique security identifiers (SIDs) for each account in a domain.

Active Directory