AD-Database

How to perform offline defragmentation of the Active Directory database

How to perform offline defragmentation of the Active Directory database

Active Directory automatically performs online defragmentation of the database at certain intervals as part of the Garbage Collection process. (By default, this occurs every 12 hours.) Online defragmentation does not reduce the size of the database file (Ntds.dit) but instead optimizes data storage in the database and reclaims space in the directory for new objects.  

Performing an offline defragmentation creates a new version of the database file without internal fragmentation. It also re-creates all indexes. Depending on how fragmented the original database file was, the new file may be much smaller. 

It’s important to defragment the Active Directory database for best performance. Normally there is an online defragmentation that occurs about twice a day on the database, but this is more of a backup than defrag. It can give admins a false sense of security, thinking that the database has been defragged without any downtime.

The only way to truly defragment the Active Directory database, remove whitespace and decrease its size is with an offline defrag. This requires you to take Active Directory offline by booting a DC into Directory Service Restore Mode (DSRM), which boots up the DC in safe mode without mounting the AD database. Once booted, enter the NTDSUtil program and you will be able to perform a number of actions that are not possible with Active Directory online.

First, you need to stop the Active Directory Domain Service. You can defrag / compact the ntds.dit database file when AD is not running. It’s not necessary to reboot into Directory Services Restore Mode.

After the services have been stopped, open a Command Prompt on the server, and enter the following commands:
To begin the defragmentation process, enter the following command:

  • NTDSUTIL
  • Activate Instance NTDS
  • File
  • Compact to C:\Temp\ntds-db

When the process completes, you need to do what it says and copy the defragged database from C:\Temp\ntds-db\ntds.dit to C:\Windows\ntds\ntds.dit.

Finally, restart the Active Directory Domain Services (the dependency services will restart automatically). You now have a smaller and better performing Active Directory.

If you want to play with this in a test domain, you can record the size of the NTDS.DIT and then create a large number of users — say 10,000 — in the domain. Note the increased size of the NTDS.DIT. Then delete the users and follow the procedure just described to compact the database and replace the old one with the whitespace for the 10,000 deleted users. Compare the size of the new, compacted database with the size after you created the users. You could also wait for an online defrag of the database to occur (recorded with an event in the system event log) and see if that changes the NTDS.DIT size. Note that in a production situation, you want to perform database integrity checks to ensure stability.

It is not necessary to perform this offline defrag on a regular basis, but it’s good to do it after significant changes have been made — such as the removal of a large number of users or groups — to keep the database at an efficient size.

So, that’s all in this blog. I will meet you soon with some other stuff. Have a nice day !!!

Recommended content

RODC Installation Guide- Step by step guide to install read only domain controller

RODC Filtered Attribute Set

Installing and configuring a RODC in Windows Server-2012

How to find the GUID of Domain Controller

Understanding Group Policy Preferences

Group Policy Verification Tool GPOTool Exe

Group Policy Health Check on Specific Domain Controller

Netlogon Folder in Active Directory

Custom Attributes in Active Directory

Tombstone Lifetime of My Active Directory Forest

Computers AD Site From the Command Line

Active Directory Database Integrity

Disabling and Enabling the Outbound Replication

DFS Replication Service Stopped Replication

Strict Replication Consistency

The replication operation failed because of a schema mismatch between the servers involved

Troubleshooting ad replication error 8418 the replication operation failed because of a schema mismatch between the servers

Replication information in txt file

Repadmin Replsummary

Enabling the outbound replication

Guys please don’t forget to like and share the post.Also join our WindowsTechno Community and where you can post your queries/doubts and our experts will address them .

You can also share the feedback on below windows techno email id.

If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.

How useful was this post?

Click on a star to rate it!

As you found this post useful...

Follow us on social media!

Was this article helpful?
YesNo

Vipan Kumar

He is an Active Directory Engineer. He has been working in IT industry for more than 10 years. He is dedicated and enthusiastic information technology expert who always ready to resolve any technical problem. If you guys need any further help on subject matters, feel free to contact us on admin@windowstechno.com Please subscribe our Facebook page as well website for latest article. https://www.facebook.com/windowstechno

Leave a Reply

Back to top button