The architecture for Active Directory searches includes both client and server components. On the client side, a directory client application constructs LDAP requests to be sent to Active Directory.
These requests can be one of several types, including connect, bind (authentication), modify, and unbind. Depending on how a directory client application is written, one of three different application programming interfaces (APIs) is used to submit requests. The LDAP requests are received and processed by the Directory System Agent (DSA), which is represented by Ntdsa.dll on a domain controller. Ntdsa.dll runs as a part of the local security authority (LSA), which runs as Lsass.exe. The architecture for Active Directory searches is shown in the following figure.
The components of the architecture for Active Directory searches are described in the following table.