UN 9 Active irectory Maintenance and roubleshooting onna Warren 2005-2010
opics for this Unit he Active irectory database atabase defragmentation Moving the Active irectory database System State Backup Scheduling Active irectory backups estoring Active irectory Authoritative, nonauthoritative, and primary restores onna Warren
Maintaining Active irectory A solid monitoring and maintenance plan can prevent potential problems Active irectory is a database based on the t xtensible Storage ngine (S) format hanges are referred to as transactions Active irectory writes the transaction to the ransaction log file (edb.log) Active irectory updates the edb.chk checkpoint file (A reference for database information written to disk) onna Warren
Fragmentation Fragmentation refers to when data from thedatabase is divided into pieces scattered across the disk As modifications are made to the database, fragmentation can occur As the database becomes more fragmented, searches slow down and performance deteriorates he potential for database corruption exists onna Warren
efragmentation efragmentation is the process rearranging dt data contiguously to efficiency i he size of the database may be reduced, making room for additional objects nline defragmentation an automatic process that occurs during the garbage collection process, which runs by default every 12 hours and removes all tombstones onna Warren
ombstones What is left of an object that has been deleted eleted objects are not completelyremoved from the Active irectory database they are marked for deletion ombstone have a lifetime of 180 days, by default When the lifetime expires, the objects are permanently deleted during the garbage g collection process Additional free space is reclaimed during the garbage collection process through the deletion of tombstones and unnecessary log files onna Warren
Manual (ffline) efragmentation Manual process that defragments the Active irectory databaseinadditionto addition to reducingits its size Performing an offline defragmentation is not considered to be a regular maintenance task ou should only perform an offline df defragmentation tti if you need to recover a significant amount of disk space An offline defragmentation cannot run while the A S service is running Performed while the server is booted to irectory Services estore Mode using the ntdsutil command onna Warren
Backing Up Active irectory ou must install the Windows Server Backup feature from the Server Manager console o perform backups from the command line, you must install Windows PowerShell (cannot be installed on Server ore) Windows Server Backup supports the use of and di drives as backup destinations, but tdoes not support magnetic tapes as backup media ou cannot perform backups on dynamic volumes Use Server Backup or the Wbadmin.exe commandline tool Must be a member of the Administrators group or the Backup perators group onna Warren
Backing Up State ata Server 2008 backs up state data by backing up critical volumes he system volume, which contains the boot files, bootmgr.exe (the Windows boot loader) and the Boot onfiguration ata (B) store and replaces the boot.ini file in previous versions of Windows he boot volume, which h contains ti the Windows operating system and the egistry hevolumethat contains thesslshare share. he volume that contains the Active irectory database (Ntds.dit). he volume that contains the Active irectory database log files onna Warren
System State ata At a minimum, the System State consists of the following data, plus any additional data depending on the server roles that are installed egistry Mlass lass egistration database Boot files described earlier in this topic Active irectory ertificate Services database Active irectory omain Services database SSL directory luster service information Microsoft nternet nformation Services (S) metadirectory System files that are under Windows esource Protection onna Warren
Backing Up Active irectory onna Warren
estoring Active irectory estoring Active irectory using normal replication estoring Active irectory using wbadmin and ntdsutil ou can use wbadmin to perform a nonauthoritativerestore restore of Active irectory estores a single Active irectory domain controller to its state bf before the backup hen the replication process will update the domain controller with the most recent information after the restore is complete onna Warren
Authoritative estore Used for rolling back or undoing changes for the Active irectory database esetting data in the SSL rolling back or undoing changes for eplica sets onna Warren
Primary estore Used forrestoring restoring Active irectory database, SSL and eplica sets for A stand alone domain controller he first domain controller of several domain controllers he first replica set Used when all domain controllers are lost onna Warren
Normal (Non Authoritative) estore Used forrestoring restoring Active irectory database, SSL and eplica sets for a single domain controller in a replicated environment Uses the normal replication i to restore the corrupted data onna Warren
Monitoring Active irectory Use the performance and eliability monitor to collect relevant data By discovering possible network problems before they occur, you have better control over their impact Monitoring Active irectory can provide the following benefits arlyalerts alerts to potential problems mproved system reliability Fewer support calls to the helpdesk mproved system performance onna Warren
irectory Service vent Log vents related to Active irectory are recorded in theirectory Service log he irectory Service log is created when Ati Active irectory is installed t logs informational events such as service start and stop messages, errors, and warnings his log should be the first place you look when you suspect a problem with Active irectory onna Warren
Summary When you back up Active irectory, you must include the System State data An authoritative restore uses the Ntdsutil command line utility A non authoritative restore reverts the Active irectory database to its state before the backup nline defragmentation is an automatic process triggered by the garbage collection process ffline defragmentation ti is a manual process that t requires the server to be restarted in irectory Services estore mode he Ntdsutil command line utility is used to perform the offline defragmentation onna Warren
bcdedit ommand line utility Lets you configure a domain controller to start in irectory Services estore Mode on the next bootup his allows manual defragmentation, restores, etc onna Warren
Lab 9 Perform a System State ata Backup ompact the atabase Perform an Authoritative estore estoring a User Account Answer the Lab Questions onna Warren