For organizations that require flexible support for directory-enabled applications, Microsoft has developed ADAM, which is an LDAP directory service that runs as a user service, rather than as a system service.
Active Directory Application Mode represents a breakthrough in directory services technology that provides flexibility, and helps organizations avoid increased infrastructure costs.
Service Pack 1
Service Pack 1 for ADAM is now available. The package listed here is the integrated package which directly installs ADAM Service Pack 1 for new installations and upgrades existing ADAM installations to Service Pack 1. Note that ADAM Service Pack 1 is not available for Itanium-based systems.
ADAM now ships as a part of the Microsoft® Windows® Server 2003 R2 release and can be installed through Optional Component Manager. This download is for use on Microsoft® Windows® Server 2003 systems that do not have the Microsoft® Windows® Server 2003 R2 refresh. ADAM SP1 includes the enhancements made to ADAM in the Microsoft® Windows® Server 2003 R2 release.
Active Directory Application Mode (ADAM) is a part of Microsoft?s fully integrated directory services available with Windows Server 2003, and is built specifically to address directory-enabled application scenarios. ADAM runs as a non-operating-system service, and, as such, it does not require deployment on a domain controller. Running as a non-operating-system service means that multiple instances of ADAM can run concurrently on a single server, and each instance can be configured independently.
Key ADAM benefits include:
? Ease of deployment. Developers, end users, and ISVs can easily deploy Active Directory Application Mode as a flexible directory service on Windows Server 2003 platforms and on Windows XP Professional. You can easily install, reinstall, or remove the ADAM application directory, making it the ideal directory service to deploy with an application.
? Reduced infrastructure costs. By using a single directory technology for both your NOS and application directory needs, you can reduce overall infrastructure costs. Additional investments are not required for training, administration, or management of your application directory. Application programming interfaces (LDAP, Active Directory Service Interfaces (ADSI), and Directory Services Markup Language (DSML)) are also equivalent between the two directory services, so that you can build applications on ADAM and then migrate them to the corporate NOS directory as needed, with minimal change.
? Increased security. Because Active Directory Application Mode is integrated with the Windows security model, any application that is deployed using ADAM can authenticate access against Active Directory across the enterprise.
? Increased flexibility. An application owner can easily deploy directory-enabled applications without affecting the directory schema for the entire organization, while continuing to use the identity information and credentials that are stored in the organization?s NOS directory.
? Reliability and scalability. Applications that use Active Directory Application Mode have the same reliability, scalability, and performance that they have with deployments of Active Directory in the NOS environment.
System Requirements: Supported Operating Systems: Windows Server 2003, Windows XP, Windows XP 64-bitYou can run Active Directory Application Mode on computers running any of the following operating systems:
Microsoft® Windows® Server 2003, Standard Edition Microsoft® Windows® Server 2003, Enterprise Edition Microsoft® Windows® Server 2003, Datacenter Edition The 64-bit version of Microsoft® Windows® Server 2003, Enterprise Edition The 64-bit version of Microsoft® Windows® Server 2003, Datacenter Edition Microsoft® Windows® XP Professional Service Pack 1 (SP1) Microsoft® Windows® XP 64-Bit Edition Service Pack 1 (SP1)
Workgroup and domain requirements
ADAM does not require a forest, domain, or domain controller. You can install ADAM on computers that are configured as any of the following:
Domain controllers Domain members Workgroup members
Support for LDAP clients
ADAM supports any Lightweight Directory Access Protocol (LDAP) client that is written to the LDAP v3 technical specification.
Support for ADSI clients
ADAM supports Active Directory Service Interfaces (ADSI) for clients running the following:
Windows XP Professional Microsoft® Windows® XP Home Edition Windows Server 2003 family Microsoft® Windows® 2000
For complete ADSI functionality with Windows XP Professional, you must install hotfix 817583. For more information about this hotfix, see article 817583, «Active Directory Services Does Not Request Secure Authorization Over an SSL Connection,» in the Microsoft Knowledge Base.
Download & more information
Chapter 18. Active Directory Application Mode (ADAM)
Shortly after Microsoft released Windows 2000 Active Directory, developers and administrators started asking for a standalone Microsoft LDAP service that was similar to Active Directory but didn’t have the baggage of Active Directory. Baggage includes DNS requirements, the FRS requirements, Group Policy, and other domain pieces like Kerberos and the legacy SAM stuff—basically, something light and easy to set up and play with, and then tear back down as required. While you can do this with Active Directory, there tends to be additional clean-up and configuration required, and things unrelated to the LDAP functionality can get confused and cause it all to malfunction.
In November 2003, shortly after Windows Server 2003 Active Directory was released, Microsoft released Active Directory Application Mode (ADAM) V1.0 to the web (RTW). This was the product that the developers and administrators had been asking for: Active Directory Lite. ADAM allows developers and administrators to play with Active Directory on Windows XP or Windows 2003 Servers without promoting the local host to a full domain controller. The only DNS requirement is resolution of the hostname. No FRS, no Kerberos, no group policy, no icky domain stuff. In fact, ADAM runs nicely as a regular Windows application that can leverage any Windows Domain authentication or local machine authentication that is available, as well as offering up its own authentication that is completely …
Active Directory Application Mode (ADAM) is a new mode of Active Directory that is designed specifically for directory-enabled applications. ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that runs as a user service, rather than as a system service. You can run ADAM on servers and domain controllers running operating systems in the Windows Server 2003 family (except for Windows Server 2003, Web Edition) and also on client computers running Windows XP Professional.
ADAM does not require the deployment of domains or domain controllers. You can run multiple instances of ADAM concurrently on a single computer, with an independently managed schema and independently managed data for each ADAM instance.
The ideal environment for ADAM includes the following:
•A computer running Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; Windows Server 2003, Datacenter Edition; or Windows XP Professional and containing hardware that meets the minimum hardware requirements of each respective operating system
•For environments consisting of multiple, replicating ADAM instances, the presence of a fully functioning replication topology
•A regular backup schedule
Complete ADAM
This entry was posted on June 14, 2007 at 8:37 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a
reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation.
Read full disclaimer for more details.
MS08-035: Description of the security update for Active Directory Application Mode (ADAM) in Windows Server 2003 and in Windows XP (client-side): June 10, 2008
View products that this article applies to.
Microsoft has released security bulletin MS08-035. The
security bulletin contains all the relevant information about the security
update. This information includes deployment options. To view the complete
security bulletin, visit one of the following Microsoft Web sites:
- Home users:Skip the details: Download the updates for your home computer or for your portable computer from the
Microsoft Update Web site now: - IT professionals:
How to obtain help and support for this security update
Help installing updates:
Support for Microsoft Update
Security solutions for IT professionals:
TechNet Security Troubleshooting and Support
Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center
Local support according to your country:
International Support
↑ Back to the top
Known issues with this security update
- You must have ADAM Service Pack 1 (SP1) installed to install this security update. If you try to install this security update but do not have ADAM SP1 installed or an instance of ADAM created, you may receive an error message that resembles the following:
Setup cannot continue because one or more prerequisites required to install KB949269 failed. For More details check the Log File c:\windows\KB949269.log
To resolve this issue, follow these steps:
- Install ADAM SP1. By doing this, you make sure that you have required minimum version of the adamdsa.dll file installed. For more information, visit the following Microsoft Web page:
- Create an ADAM Instance. To do this, use the Adaminstall.exe tool. Or, click Start and then click the Create instance option in the ADAM group of menus.
- Install the security update.
- Restart the computer.
File information
The English (United States) version of this security update
has the file attributes (or later file attributes) that are listed in the
following table. The dates and times for these files are listed in Coordinated
Universal Time (UTC). When you view the file information, it is converted to
local time. To find the difference between UTC and local time, use the
Time Zone tab in the Date and Time item in
Control Panel.
For all supported x64-based editions of Windows Server 2003 or for Windows XP Professional
| File name | File version | File size |
Date | Time | Platform | SP requirement |
Service branch |
|---|---|---|---|---|---|---|---|
| Adamdsa.dll | 1.1.3790.3129 | 2,954,240 | 05-May-2008 | 19:27 | x64 | SP1 | SP1GDR |
| Adamdsa.dll | 1.1.3790.3129 | 2,956,800 | 05-May-2008 | 19:28 | x64 | SP1 | SP1QFE |
| Adamdsa.dll | 1.1.3790.4281 | 2,958,336 | 05-May-2008 | 19:37 | x64 | SP2 | SP2GDR |
| Adamdsa.dll | 1.1.3790.4281 | 2,959,872 | 05-May-2008 | 19:30 | x64 | SP2 | SP2QFE |
For all supported 32-bit editions of Windows Server 2003
| File name | File version | File size |
Date | Time | Platform | SP requirement |
Service branch |
|---|---|---|---|---|---|---|---|
| Adamdsa.dll | 1.1.3790.3129 | 1,630,720 | 29-Apr-2008 | 17:11 | x86 | SP1 | SP1GDR |
| Adamdsa.dll | 1.1.3790.3129 | 1,631,232 | 29-Apr-2008 | 16:54 | x86 | SP1 | SP1QFE |
| Adamdsa.dll | 1.1.3790.4281 | 1,631,744 | 29-Apr-2008 | 16:39 | x86 | SP2 | SP2GDR |
| Adamdsa.dll | 1.1.3790.4281 | 1,632,768 | 29-Apr-2008 | 17:09 | x86 | SP2 | SP2QFE |
For all supported 32-bit editions of Windows XP
| File name | File version | File size |
Date | Time | Platform | SP requirement |
Service branch |
|---|---|---|---|---|---|---|---|
| Adamdsa.dll | 1.1.3790.4276 | 1,631,744 | 25-Apr-2008 | 14:25 | x86 | SP2 | SP2GDR |
| Adamdsa.dll | 1.1.3790.4276 | 1,632,768 | 25-Apr-2008 | 14:07 | x86 | SP2 | SP2QFE |
| Adamdsa.dll | 1.1.3790.4276 | 1,631,744 | 25-Apr-2008 | 13:54 | x86 | SP3 | SP3GDR |
| Adamdsa.dll | 1.1.3790.4276 | 1,632,768 | 25-Apr-2008 | 14:02 | x86 | SP3 | SP3QFE |
↑ Back to the top
Keywords: kbexpertiseinter, kbfix, kbbug, kbsecvulnerability, kbsecbulletin, kbsecurity, kbqfe, kbexpertisebeginner, KB949269
↑ Back to the top