Local Security Database is the database of user and group accounts on a server or workstation running Microsoft Windows NT installed as part of a workgroup. In the workgroup security model, each computer running Windows NT is responsible for authenticating users who try to log on locally (interactively) to a particular machine.
Each computer in a workgroup maintains its own independent local user and group accounts in its local security database. This is in contrast to a domain security model, in which the security database for all computers in the domain is kept on special machines called domain controllers.
The local security database also contains the local security policy for the machine, which governs such things as password expiration and account lockout settings.
The local security database is also called the SAM database because it is managed by the Security Accounts Manager (SAM), a component of the Windows NT security subsystem on the local machine.
NOTE
If a machine running Windows 2000 is installed in a workgroup, the database of account information stored on that machine is also called the local security database.
