Improve the efficiency of AD management in Windows Server 2008

  

After AD migrated from Server 2003 to Server 2008, it not only brought about performance improvement, but also the most convenient and efficient management and maintenance for managers. Server 2008 has unlimited potential. Here I share three tips to improve the efficiency and security of AD management.


People who have done AD (Active Directory) know that Windows Server 2000/2003-based DC (domain controller) must restart DC and then enter AD if you want to maintain AD offline. The restore mode is fine. The drawbacks of this are obvious. Applications such as RIS services, file services, and print services under AD are affected and cannot be run. In Windows Server 2008, we can stop the AD service without restarting the DC, and then perform operations that can only be performed while the AD is offline offline, without any impact on other services.

In Windows Server 2008, stopping the AD service is the same as stopping any other service. Execute "net stop ntds" on the command line (cmd) to stop the AD service, and of course stop the AD related services. : File copy service, inter-site communication, DNS server, etc., but has little effect on the entire server, at least faster and faster than restarting the DC. (Figure 1)


Figure 1 Stopping AD Service in Windows Server 2008

After the AD service is stopped, we can execute some of it only in offline mode. The operation, such as running the ntdsutil command to integrity verification, defragmentation of the AD database, use the copy command to move data, use the del command to clear the log and other operations. After the offline maintenance task is completed, we only need to execute "net start ntds" on the command line, and the AD service is restarted. Is it fast? (Fig. 2)


2 Run the ntdsutil command to verify the integrity of the AD database.
Previous page 12 3 4 5 Read more

Copyright © Windows knowledge All Rights Reserved