Create and Delete AD DS Partition with NTDSUTIL.EXE

Posted on Imoh Etuk By Imoh Etuk No Comments on Create and Delete AD DS Partition with NTDSUTIL.EXE
Slide2-1

AD DS partition Windows Server serves as a platform for building and deploying infrastructure within the corporate environment. This infrastructure deployment usually consists of applications, networks, user accounts, and web services. In this article, we shall learn Create and Delete AD DS Partition with NTDSUTIL.EXE. Ntdsutil.exe is a command-line tool that provides management facilities for Active Directory Domain Services (AD DS). Please see how to create, configure and apply Group Policy Objects on Windows Servers , and how to Install Windows Admin Center on Windows 10 & 11.

The NtdsUtil.exe tool not only allows you to create a custom AD DS partition but also enables you to perform several other AD DS-related management tasks actively. These tasks include NTDS database maintenance, creating snapshots, relocating database files, and offline defragmentation.

Caution: NTDSUTIL tool is a high level tool and is intended for use by experienced administrators. This steps applies to 2012, 2016, 2019 and 2022 versions.

Here is an excellent guide on Laps in Windows: How to Reset Directory Services Restore Mode (DSRM) Password.

What is NTDS?

Microsoft Windows Server uses NTDS (Windows NT Directory Services) as the directory service for storing data generated by Active Directory Domain Services (AD DS). Every Domain Controller in the domain saves the AD DS database in a file.

The AD DS database is stored in the ntds.dit file located in the NTDS folder of the system root, usually C:\Windows\NTDS. AD DS partition uses a concept known as multi-master replication to ensure that the datastore is consistent on all DCs. The AD DS refers to this process of ensuring data consistency and accuracy across all DCs as replication.

Active Directory Domain Services Partition

You see from the screenshot above that the AD DS database is just one file named NTDS.dit. NTDS.dit holds multiple partitions (config, schema, domain, app), each with unique data. Replication occurs within each partition’s topology.

Why do We Need a Custom AD DS Partition?

The reason why it is necessary to create an AD DS partition is some applications might need to store their data in the AD DS database. The idea of creating a custom AD DS partition usually occurs if there is a plan by an organization to develop an in-house suite of business applications.

Please see how to Manage Azure Virtual Machines with Windows Admin Center and Serial Console, and how to install and configure Active Directory Domain Services on Windows Server 2022

Creating AD DS Custom Partition using NTDSUTIL.exe Tool

We are going to go through the short steps of creating and deleting the AD DS custom partition through the following:

1: Run the command prompt (cmd) with elevated permission by Right-clicking it and clicking “Run as Administrator”.

Active Directory Partitioning

In the Command Prompt Window, type ntdsutil.exe

AD Domain Services Partition

2: You can also assess the Ntdsutil tool through the Run command dialog box by pressing Windows Key + R, the Run dialog box shows up type ntdsutil.exe

Domain Controller Partition

Now we are right in the NSDTUTIL.exe terminal console.

Run-NTDSUTIL-directly
NTDSUTIL.EXE Tool

2. Confirm that the Active Instance is set to NTDS by running the command below

ac in ntds
Confirm-the-active-instance
NTDS Active Instance

3. Set the target to partition management, and establish server connection to the domain by running partition management, AD DS partition and Enter followed by typing connection.

This brings up server connection. From here type {connect_to_server_domain_name} and press the Enter key. Ensure you type the commands exactly as shown in the screenshot below, with parentheses and underscores.

Server-Connection
Partition Management and Server Connection

4. Next step is to quit the Server connection by typing quit within the Ntdsutil.exe console. From here, let’s run the list command to list out all the existing AD DS partitions within the NTDS.dit file.

List-Partitions

5. Create a new AD DS partition by running the command below within the partition management. Remember to replace the details with your details.

create nc dc=AppPartition,dc=tectdirectarchi,dc=com techdirectarchive.com
Added-a-New-Partition
Create New AD DS Partition

Increased Number of Partitions: A Comparison

Upon comparing the above and previous screenshots, you’ll notice an increase in partitions from 4 to 5.

6. The last step is to delete and quit the partition management as well as quit the entire NTDSUTIL.exe tool. Let’s do this by running the command below. This will delete the newly created AD DS partition. you can use the list command to confirm the deletion.

delete nc dc=AppPartition,dc=tectdirectarchive,dc=com
Deletion-is-successful2
Delete AD DS Partition
Note that when typing commands within the NTDSUTIL.exe terminal console, there no space between them.

7. Now have done creating and deleting the, let’s go ahead and quit the NTDSUTIL.exe tool by typing quit in the terminal console.

In this article, you have been taken through the steps of “Create and Delete AD DS Partition with NTDSUTIL.EXE”. You learned about the NTDS directory service, its purpose, and the partitions within the NTDS.dit file.

Rate this post
Windows Server Tags:, , , ,

Related Posts

More Related Articles

Task Scheduler Errors and Success Codes All Task Scheduler Errors and Success Codes Windows Server
image 78 How to enable LDAP over SSL with a third-party Certificate such as DigiCert Windows
Manage OU Delete or Rename and Create a Protected Organisation Unit in AD Windows Server
UpdateOfficeOnlineServer 1 Perform Office Online Server Update via Windows Updates Windows Server
CAL Removal How to Remove and Manage RDS Licenses Web Server
Active Directory Security Hardening with GPO and Policy Analyzer Harden Active Directory Using CIS Benchmark and MSCT 1.0 Windows Server

Leave a Reply