Monday, March 21, 2011

Analysing Active Directory database -NTDS.DIT- using NTDSUtil

Here is a procedure which you can use to analyze the Active Directory database - NTDS.DIT – and fix errors using NTDSUtil.

1.  Stop Active Directory Domain Services. 


2.  Run ntdsutil command from the command prompt. 

3.  To activate the AD instance enter Activate Instance NTDS command. 


4.  Enter Semantic Database Analysis command from the ntdsutil prompt. 


5.  To enable verbose logging, enter Verbose On command. 

6.  Then enter Go command.  This will start  the semantic analysis of the Ntds.dit.  The report is generated and written to a file named Dsdit.dmp.X, in the current directory, where n is an integer that is incremented each time that you carry out the command.


Some of the Active Directory database errors can be resolved using Go Fixup command.

7.  From the Semantic Checker prompt enter Go Fixup command:


8.  Enter Quit command two times to close the NTDSUtil prompt. 

9.  Start the Active Directory Domain Services and restart the Domain Controller. 


