How to Perform Active Directory Offline Defragmentation

October 19, 2012 updated by Admin Leave a reply »

The Active Directory database tends to become fragmented over time, just like any other database does. Although Windows Server 2008/2003/2000 performs behind-the-scenes online defragmentation periodically, this defragmentation only moves data around the database file (NTDS.DIT) and doesn’t reduce the file’s size – the ntds.dit database file cannot be compacted while Active Directory is online. If you have significantly fewer objects in AD than you had previously, you can shrink the size of the ntds.dit file by performing an offline defragmentation.

Tips: If you forgot domain administrator password in Active Directory and can’t log on the domain controller, you can reset/unlock any domain user account passwords easily with Reset Windows Password utility.

Performing an offline defragmentation can increase performance, however, the main reason would normally be to free up disk space. Please note, you should backup your database before doing this by copying your ntds.dit to another location.

How to Perform Active Directory Offline Defragmentation?

First, you need to stop the Active Directory Domain Service. You can defrag / compact the ntds.dit database file when AD is not running. It’s not necessary to reboot into Directory Services Restore Mode.

After the services have been stopped, open a Command Prompt on the server, and enter the following commands:
NTDSUTIL
Activate Instance NTDS
Files
Info

At this point, you should see a summary of the files that are used by the Active directory database. To begin the defragmentation process, enter the following command:
Compact to e:\windows\ntds\temp
The command shown above assumes that you have created a folder named Temp beneath the e:\windows\ntds\temp folder.

When the process completes, you need to do what it says and copy the defragged database from e:\windows\ntds\temp\ntds.dit to e:\windows\ntds\ntds.dit.

Finally, restart the Active Directory Domain Services (the dependency services will restart automatically). You now have a smaller and better performing Active Directory.