Skip to content
May 4, 2007 / Steve Rosa

Windows Server Codename “Longhorn” – Restartable AD DS in action

Another cool feature in “Longhorn” is the ability to restart Active Directory Domain Services, like any other Windows services. This alleviates the need to reboot the server in “Directory Services Restore Mode”, like we used to do in Windows 2000 or 2003 when we would want to perform online defragmentation or restore operations.

The immediate and huge benefit is that other services that are running on the server and that do not depend on AD DS to function, such as Dynamic Host Configuration Protocol (DHCP), remain available to satisfy client requests while AD DS is stopped.

In the rest of this post, I will perform an offline defragmentation of my Active Directory, without bringing the whole server down. Pretty cool, no?

Let’s say that my domain controller SRO-LH-01 is running fine but we have received some notification that the AD database requires some offline defragmentation.

At the Command Prompt, we type the usual ntdsutil commands. As expected, no chance, as Active Directory is online (don’t mind the activate instance NTDS command for now – I’ll come back on this later on):


As explained, AD has now its own Windows service:


I clicked on Stop. There are some other services depending on AD DS, which must also be stopped:


AD DS is now stopped, as shown in the Services snap-in:


Also, in the Active Directory event log, we find confirmation:


So, back to work and let us do the actual offline defragmentation operation:


We finish by copying the new (compacted) NTDS.DIT to its final place and by deleting the log files pertaining to the old (uncompacted) Active Directory database:


I start again the AD DS service:




Some checks show nothing wrong with AD. Note that the services depending on Active Directory (that we stopped earlier) have been restarted. 

Wow, I like that!!!

So, if I had to do this in Windows 2000/2003, I would need to:

  1. reboot the server in Directory Services Restore Mode (F8)
  2. log on with DSRM account and password
  3. do the offline defragmentation / put new DIT file in place
  4. reboot in normal mode
  5. log on with administrative privileges
  6. check

==> huge impact on the users connected to the server (downtime, …).

Now, with “Longhorn”, the sequence is:

  1. log on with administrative privileges
  2. stop AD DS service
  3. do the offline defragmentation / put new DIT file in place
  4. start AD DS service
  5. check

==> minimum impact on the users



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: