1
00:00:01,040 --> 00:00:05,120
Now, this may prevent people from logging on,

2
00:00:05,120 --> 00:00:10,640
depending upon the FSMO role situation on this domain controller.

3
00:00:10,640 --> 00:00:13,870
So even though we don't have to down the entire server to

4
00:00:13,870 --> 00:00:17,140
boot into Directory Services Restore Mode,

5
00:00:17,140 --> 00:00:20,080
I just don't want to underestimate the potential

6
00:00:20,080 --> 00:00:23,380
impact of even restartable AD DS,

7
00:00:23,380 --> 00:00:28,010
particularly when it comes to DNS and FSMO roles,

8
00:00:28,010 --> 00:00:32,340
as well as any other functions that your domain controller is offering.

9
00:00:32,340 --> 00:00:33,240
Okay?

10
00:00:33,240 --> 00:00:35,190
Okay, so now that we've gotten this far,

11
00:00:35,190 --> 00:00:36,430
let me clear the screen,

12
00:00:36,430 --> 00:00:43,170
and let's do an ntdsutil to enter the ntdsutil environment.

13
00:00:43,170 --> 00:00:44,430
It's an interactive tool.

14
00:00:44,430 --> 00:00:48,020
We'll do activate instance ntds,

15
00:00:48,020 --> 00:00:51,720
and then we'll shift to the file maintenance context,

16
00:00:51,720 --> 00:00:53,840
and I'm going to do a compaction.

17
00:00:53,840 --> 00:00:57,950
Actually, I just realized that I didn't create a folder for it,

18
00:00:57,950 --> 00:01:04,440
so let me just try compact to ctmp.

19
00:01:04,440 --> 00:01:05,640
Oh, good.

20
00:01:05,640 --> 00:01:08,250
I wasn't sure if there was a tmp folder.

21
00:01:08,250 --> 00:01:10,240
So what happened here?

22
00:01:10,240 --> 00:01:13,160
Well, the Active Directory database, as you can see,

23
00:01:13,160 --> 00:01:16,340
is actually a file called ntds.dit.

24
00:01:16,340 --> 00:01:18,930
Its under C:\Windows\NTDS.

25
00:01:18,930 --> 00:01:21,400
And when you do an offline compaction,

26
00:01:21,400 --> 00:01:25,200
you're basically creating another copy of the directory.

27
00:01:25,200 --> 00:01:27,880
So in a very large environment, you want to make sure,

28
00:01:27,880 --> 00:01:29,940
you have to make sure, actually,

29
00:01:29,940 --> 00:01:34,080
that your compact to destination has enough free space to

30
00:01:34,080 --> 00:01:36,630
accommodate another copy of that directory,

31
00:01:36,630 --> 00:01:38,740
which mine does because it's tiny.

32
00:01:38,740 --> 00:01:41,780
Now it says down below that Compaction was successful.

33
00:01:41,780 --> 00:01:47,840
We need to do a copy statement here and then delete because that compacted

34
00:01:47,840 --> 00:01:53,440
copy of the file still exists under c:\tmp\ntds.dit.

35
00:01:53,440 --> 00:02:00,990
So let me take care of that now, copy c:\tmp\ntds.dit,

36
00:02:00,990 --> 00:02:05,380
and we're copying it to C:\Windows\NTDS.

37
00:02:05,380 --> 00:02:09,940
Actually, instead of just the DIT file,

38
00:02:09,940 --> 00:02:13,570
I like the help that Microsoft has given us here because there are some

39
00:02:13,570 --> 00:02:17,640
other files besides just the DIT file that are dependencies.

40
00:02:17,640 --> 00:02:23,150
So notice that I'm doing c:\tmp\ntds.* to pick up all of the extensions

41
00:02:23,150 --> 00:02:27,230
and then the to destination is going to be Windows\NTDS.

42
00:02:27,230 --> 00:02:29,310
It didn't like that.

43
00:02:29,310 --> 00:02:30,560
Maybe it was the quotes.

44
00:02:30,560 --> 00:02:42,640
Let me try that one more time, ntds.*, and then we'll do C:\Windows\NTDS".

45
00:02:42,640 --> 00:02:43,340
Huh?

46
00:02:43,340 --> 00:02:43,880
Oh.

47
00:02:43,880 --> 00:02:45,880
Okay, I think I know what the problem is.

48
00:02:45,880 --> 00:02:50,120
I'm still in NTDS, so let me exit, or quit,

49
00:02:50,120 --> 00:02:55,150
there we go, and then exit, quit, a couple of quits,

50
00:02:55,150 --> 00:02:56,350
here we go, copy,

51
00:02:56,350 --> 00:03:00,490
or let me actually see if I can get to command history with my up‑arrow.

52
00:03:00,490 --> 00:03:02,840
No, I can't, unfortunately.

53
00:03:02,840 --> 00:03:05,470
So, I'm going to do this one more time with feeling,

54
00:03:05,470 --> 00:03:13,690
copy :\tmp\ntds.*, I shouldn't need quotes because I don't have spaces here,

55
00:03:13,690 --> 00:03:18,100
NTDS, great, and then we've got delete.

56
00:03:18,100 --> 00:03:19,800
I'm going to skip the del statement,

57
00:03:19,800 --> 00:03:23,550
but that's just cleaning up any residual old log files.

58
00:03:23,550 --> 00:03:27,540
Now, at this point, it's critical to know that we're not finished.

59
00:03:27,540 --> 00:03:34,000
The AD DS database has stopped, so we're going to need to finish with a Flourish by doing a net start