Sometimes we run into a problem and we need to boot the domain controller in recovery mode or we just need to defragment the NTDS database.
In this article, I will walk you through how to use the bcdedit command to defragment an NTDS database.
Defragment the NTDS database
Before we start defragmenting the NTDS database, let’s go to the domain controller in recovery mode. We do this by opening an admin command prompt and typing the following command:
bcdedit / set safeboot dsrepair
We then restart the server to a safe state and then continue defragmenting the database.
But before restarting, if you are running at least Windows Server 2012 R2 or 2016, you can do all of this without rebooting the server in DSRM mode.
All you need to do is go to the Services Console and stop Active Directory Domain Services. Then you can proceed with defragmenting the database.
So, after you followed the above and either restarted DSRM where you need to log in with a local user account and not a domain account (to do this, you need to specify the server name followed by a backslash and then the name administrator user), or you stopped ADDS, you can go back to the command prompt and run the ntdsutil command.
Then you can activate the NTDS instance by typing activate ntds instance and pressing Enter.
Then enter the files command, which will put you in file serving mode.
Then we run the compact command: compact to C: . This creates a new ntds.dit file in the C: root folder.
Now that we’re done, we’re going to copy the new compressed DIT file and overwrite the current one by opening a command prompt and executing the copy command as indicated in the output.
copy “C: ntds.dit” “C: Windows NTDS ntds.dit” del C: Windows NTDS *. Log
We can now either restart the server or start the ADDS backup, whichever method you chose first. Enjoy!