The Active Directory® Application Mode (ADAM) Technical Reference has just been released on Microsoft Downloads. I'm a big fan of using directory services for authentication and authorization rather than recreating the same information in a database. So I've looked over it already, and it is an excellent document. For example, it answers the big question, what are the technical differences between a directory and a database?
| Directory |
Database |
| Optimized for search and read operations. |
Optimized for write operations. |
| Object-oriented, hierarchical data design. Data objects in the directory represent entities such as users, computer, and shared resources. These data objects can be organized hierarchically in containers. |
Relational data design. Data is organized in tables of rows and columns. Data from one table can be linked to data in another table. |
| Uses standardized, extensible schemas. |
Does not use schemas. |
| Designed for replication and distributed management. |
Designed for central storage and administration of data. |
| Granular security, down to the object and attribute level. |
Less granular security, only down to the row and column level. |
| Loose data consistency between replication partners. |
Transactional: guaranteed data consistency. Referential integrity across relational tables and concurrency control with file and record locking. |