Windows Server 2008 Server Core : Managing the Active Directory Database with the NTDSUtil Utility

3/31/2011 9:39:52 PM

The Windows NT Directory Services Utility (NTDSUtil) is an interactive utility, for the most part, so you won't use it with a batch file very often. However, by entering the correct command at the command prompt, you can get to the correct area of this utility quickly. This utility uses the following syntax:

NTDSUtil [{Command | Stream}]

The following list describes each of the command line arguments.

Command

Specifies an optional starting point for executing commands in the interactive environment. Here's a list of standard commands that NTDSUtil understands.

Authoritative restore: Restores the Directory Information Tree (DIT) database.
Domain management: Prepares the system to create a new domain.
Files: Manages the NTDS database files.
Help: Displays help information about the selected management function. The help you see depends on the commands you issued previously. See the Stream command line argument entry for details.
IPDeny List: Manages the LDAP IP deny list. This list determines the machines that can access Active Directory remotely.
LDAP policies: Manages the LDAP protocol policies.
Metadata cleanup: Removes old metadata from the system. This feature includes removing old objects off decommissioned servers.
Popups {On | Off}: Enables or disables popups.
Quit: Ends a particular command level. You must issue multiple Quit commands, one for each level. See the Stream command line argument entry for an example. Entering the Quit command at the NTDSUtil prompt always exits the application.
Roles: Manages the NTDS role owner tokens.
Security account management: Manages the security account database. This command line switch also searches for and removes duplicate SID entries in the security account database.
Semantic database analysis: Analyzes the database looking for semantic errors.

Stream

Specifies multiple commands that NTDSUtil should execute as a stream. The commands must appear as a single string with each command separated with a space. For example, you can obtain help about the roles task by typing NTDSUtil Roles Help Quit Quit at the command line and pressing Enter. First, the NTDSUtil prompt appears, where the utility enters the Roles command. Second, at the Flexible Single Master Operations (fsmo) maintenance prompt, the utility enters the Help command. Third, the utility enters the Quit command to exit the fsmo maintenance prompt. Fourth, the utility enters Quit again to exit the NTDSUtil and the command prompts.

Other -----------------

- Windows Server 2008 Server Core : Configuring Directory Services - Deleting Objects Using the DSRm Utility

- Managing Metadata and Content Types in SharePoint 2010 : Enabling the Developer’s Dashboard for Troubleshooting

- Managing Metadata and Content Types in SharePoint 2010 : Metadata as a Navigation Aid

- Managing Metadata and Content Types in SharePoint 2010 : Creating and Using Managed Metadata

- Using Operations Manager to Monitor Exchange Server 2010 : Understanding Advanced OpsMgr Concepts

- Using Operations Manager to Monitor Exchange Server 2010 : Understanding OpsMgr Component Requirements

- Using Operations Manager to Monitor Exchange Server 2010 : Understanding How to Use OpsMgr

- BizTalk 2010 Recipes : Messaging and Pipelines - Creating Encryption Pipelines

- BizTalk 2010 Recipes : Messaging and Pipelines - Creating Validation Pipelines

- BizTalk 2010 Recipes : Messaging and Pipelines - Using Send Port Groups