RE: [ActiveDir] NTDS.DIT Size

ght be> > likely - just typed it from hard.> > > > This will give you an event every time when garbage collection runs> > (every 12 hrs) and tell you the amount of whitespace in the DB.> > > >  > > > > Whatever needs to be loaded should perform better

[ActiveDir] NTDS.DIT Size

Our AD (NTDS.dit) is at 1.7GB (approx. 250,000 users).   Should an offline defrag be performed at a regular interval?   Some articles I read only say it is only worthwhile if you are running low on space. We have plenty of drive space and RAM.   At what point should the AD be moved to 64 bit?   T

RE: [ActiveDir] Deny permissions in AD

I think you are correct.   I started looking into this immediately after posting.   Looks like domain admins, Self, and account operators have hard-coded rights to the object.   This would be applied before the inherited deny ACE.   Thanks!   JoshJoshua M. Coffman[EMAIL PROTECTED]Cell:(970) 402-3

[ActiveDir] Deny permissions in AD

I have an Active Directory 2003 domain that is used only as an LDAP User store for a 3rd party Identity Management Application.   There are no workstations or servers in the domain, other than the DCs themselves.   We are trying to lock down the domain, so that an ordinary user cannot read other

RE: Re: [ActiveDir] Errors During Authoritative Restore

ttID" | findstr /veic:"rDNAttID: ou" | findstr> > /veic:"rDNAttID: cn" | findstr /veic:"rDNAttID: o" | findstr> > /veic:"rDNAttID: dc" | findstr /veic:"rDNAttID: l" | findstr> > /veic:"rDNAttID: c" | findstr /veic:"

RE: Re: [ActiveDir] Errors During Authoritative Restore

ot;).> > 3. Also after we know it is logically consistent from AD's perspective (do> this via, exact command line provided:> ntdsutil "sem data anal" "go" "q" "q"> > Cheers,> BrettSh [msft]> Ex-Building 7 Garage Door Operator> >

RE: Re: [ActiveDir] Errors During Authoritative Restore

sistent from ESE's perspective (do this via "esentutl /g> ntds.dit").> > 3. Also after we know it is logically consistent from AD's perspective (do> this via, exact command line provided:> ntdsutil "sem data anal" "go" "q" "q">

[ActiveDir] Errors During Authoritative Restore

I have a few questions for you AD gurus out there! :)   I just ran through a Disaster Recovery test of two of our ADs and I have a few questions which have come up as a result of the test.   Configuration Notes: These boxes are Windows 2003, SP1. The domains were originally Windows 2000 domains.