The temp.edb file

This file will be used during the Active Directory database maintenance to hold data and also to store information about large in-progress AD data transactions.

Every domain controller in the Active Directory infrastructure needs to be aware of the changes made in each domain controller. In that case, you may think it is the database being synced. But it is not the database, it is only the changes being synced. Therefore, each domain controller in the domain will not have the same size.

Most of the database systems have their own automatic data grooming techniques to maintain the efficiency of the system. This also gives administrators a chance to perform custom maintenance tasks to perform granular maintenance. The Active Directory database system is a self-maintained system. It does not required daily maintenance. However, there are situation where it requires manual intervention:

  • If the default database partition is running out of space or notices a potential hardware failure
  • To free up unused space in Active Directory database after mass object deletion

In order to move Active Directory, we can use a command-line tool called ntdsutil. When moving the database files, it is also recommended to move the log files, so it will not need to refer to two different disks. The minimum space requirement for the database file is 500 MB or the database file size along with 20% of the database file size (which ever is greater). The log file space requirement is also the same.

The database and log files cannot be moved while AD DS is running. So, the first step of the action is to stop the service:

net stop ntds

This will also stop the associated services such as KDC, DNS, and DFS.

The Active Directory database and log files cannot be moved to a non-existing folder. So before move the files, the folder needs to be created.

In my demo, I will be moving it to a folder called ADDB in a different partition:

ntdsutil
activate instance ntds
files
move db to E:ADDB
move logs to E:ADDB
integrityquit
quit

In the preceding command ntdsutil , initiate the utility. move db to E:ADDB moves the database files to the new location and move logs to E:ADDB moves the log files to new directory. The integrity part will verify the integrity of the database and log files in the new location:

Once it's completed, we need to start the AD DS using the following command:

net start ntds

As soon as this process is completed, it is recommended to make a full backup of the AD as the path changes. The previous backup, which was taken, will not be valid anymore.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.118.30.253