Security Account Manager (SAM) database

Definition of Security Account Manager (SAM) database in Network Encyclopedia.

What is SAM (Security Account Manager Database)?

SAM Database is the database of user and group account information stored on a domain controller in a Microsoft Windows Server-based network. The Security Account Manager (SAM) database is also known as the domain directory database, or sometimes simply the directory database.

SAM Database explorer
SAM Database explorer

The SAM database occupies a portion of the Windows Server Operating System registry. All user accounts, group accounts, and resource definitions such as shares and printers have their security principals defined in the SAM database. Because the entire SAM database must reside in a domain controller’s RAM, it cannot exceed about 40 MB in Windows NT, which works out to about 40,000 user accounts, or 26,000 users and Windows NT workstations combined. (The following table lists the size of common objects in a SAM database.)

The master copy of the SAM database is stored on the primary domain controller (PDC). Periodic directory synchronization ensures that backup domain controllers (BDCs) have an accurate replica of this master database, so BDCs can also be used for logons and for pass-through authentication of users attempting to access network resources. Object Sizes in a SAM Database

ObjectSize in SAM Database
User account1.0 KB
Computer account0.5 KB
Global group account0.5 KB plus 12 bytes per user
Local group account0.5 KB plus 36 bytes per user


In Microsoft Windows 2000, the functions of the SAM database have been migrated to the more powerful and scalable Active Directory.



One response to “Security Account Manager (SAM) database”

  1. premium accounts service provider

    I think this is a real great blog.Really looking forward to read more. Fantastic.