Tip

Keep Active Directory neat and tidy

Like NFTS, DNS and every other data storage mechanism within Windows 2000, the Active Directory database becomes untidy over time. As records are added, modified, deleted, re-categorized, re-grouped, pruned and grafted the AD database becomes fragmented, non-contiguous and less efficient.

The Windows 2000 Active Directory database is stored primarily in the ntds.dit file located in the %systemroot%NTDS folder by default. This file is the core of your domain. Without it your network won't exist anymore. As it becomes bloated over time, your network's performance and ability to process authentications and transactions quickly degrades severely.

While Windows 2000 has several built-in mechanisms to help maintain the health of this mission-critical database, it isn't foolproof and doesn't address every issue. The key to keeping the database in good shape is regular defragmentation. Just as with storage devices, defragmentation will speed operations, remove or mark errors and create contiguous free space. Every 12 hours, Windows 2000 automatically performs an online defragmentation process. However, because this occurs while the database is still in active use, only parts of it are properly housecleaned. The end result of this automatic defragmentation is the reclamation of free space within the database file, but the database file is not reduced in size.

But there is hope. An offline defragmentation will both clean up the AD database's internal mess and

Requires Free Membership to View

reduce the file size, offering direct results in improved performance and stability.

The complete steps to performing an offline defragmentation are contained in the Microsoft Knowledge Base document Q232122, "Performing Offline Defragmentation of the Active Directory Database." Basically, you'll reboot into Directory Services Restore Mode using F8, then use the NTDSutil to perform the defragmentation process.

I'd like to stress one very important point from this document: Always back up your system before and after the operation to ensure you can restore your system in the event of a catastrophic failure.

Another important item to remember is that this process works for the ntds.dit file on a single domain controller. To compact the database on every domain controller, you'll have to perform this operation on each DC in turn. With that said, I don't recommend doing this on all servers simultaneously. Instead, take one DC down to perform the operation. Then wait a day or two before performing the operation on the next DC. The delay between operations will give the domain time to re-establish the equilibrium of its AD database updates.


James Michael Stewart is a researcher and writer for Lanwrights, Inc.

Editor's Note: This article originally appeared on SearchWin2000.com

This was first published in May 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.