Windows Server 2008 improves AD management efficiency


After AD migrated from Server 2003 to Server 2008, it not only brought about performance improvement, but also the most convenient and efficient management and maintenance for managers. Server 2008 has unlimited potential. Here I share three tips to improve the efficiency and security of AD management.

1, do not restart DC quickly enter AD offline mode

Anyone who has done AD (Active Directory) knows that Windows Server 2000/2003 based DC (domain controller) if you want To maintain AD offline, you must restart the DC and then enter the restore mode of AD. The drawbacks of this are obvious. Applications such as RIS services, file services, and print services under AD are affected and cannot be run. In Windows Server 2008, we can stop the AD service without restarting the DC, and then perform operations that can only be performed while the AD is offline offline, without any impact on other services.

In Windows Server 2008, stopping the AD service is the same as stopping any other service. Execute "net stop ntds" on the command line (cmd) to stop the AD service, and of course stop the AD related services. : File copy service, inter-site communication, DNS server, etc., but has little effect on the entire server, at least faster and faster than restarting the DC. (Figure 1)

Figure 1 Stopping AD Service in Windows Server 2008

After the AD service is stopped, we can execute some of it only in offline mode. The operation, such as running the ntdsutil command to integrity verification, defragmentation of the AD database, use the copy command to move data, use the del command to clear the log and other operations. After the offline maintenance task is completed, we only need to execute "net start ntds" on the command line, and the AD service is restarted. Is it fast? (Fig. 2)

2 Run the ntdsutil command to verify the integrity of the AD database.
Previous page 12 3 4 5 Read more

Copyright © Windows knowledge All Rights Reserved