Security Account Manager (SAM) database


Definition of Security Account Manager (SAM) database in Network Encyclopedia.

What is SAM (Security Account Manager Database)?

SAM Database is the database of user and group account information stored on a domain controller in a Microsoft Windows Server-based network. The Security Account Manager (SAM) database is also known as the domain directory database, or sometimes simply the directory database.

SAM Database explorer
SAM Database explorer

The SAM database occupies a portion of the Windows Server Operating System registry. All user accounts, group accounts, and resource definitions such as shares and printers have their security principals defined in the SAM database. Because the entire SAM database must reside in a domain controller’s RAM, it cannot exceed about 40 MB in Windows NT, which works out to about 40,000 user accounts, or 26,000 users and Windows NT workstations combined. (The following table lists the size of common objects in a SAM database.)

The master copy of the SAM database is stored on the primary domain controller (PDC). Periodic directory synchronization ensures that backup domain controllers (BDCs) have an accurate replica of this master database, so BDCs can also be used for logons and for pass-through authentication of users attempting to access network resources. Object Sizes in a SAM Database

ObjectSize in SAM Database
User account1.0 KB
Computer account0.5 KB
Global group account0.5 KB plus 12 bytes per user
Local group account0.5 KB plus 36 bytes per user

NOTE


In Microsoft Windows 2000, the functions of the SAM database have been migrated to the more powerful and scalable Active Directory.

Editor

Articles posted after being checked by editors.

Recent Content

link to I/O Manager

I/O Manager

I/O Manager is a component of Microsoft Windows NT executive running in kernel mode that is responsible for all Windows NT input/output functions. The I/O Manager integrates various networking components.