On Windows PowerShell and other admin-related topics

Active Directory Snapshots in Windows Server 2008

Snapshots is a new feature in Windows Server 2008 Active Directory Domain Services.
It allows you to take live snapshots of the Active Directory Database (ntds.dit).

Click on the image to see my example usage:


The snapshot can also be scheduled to be run i.e. on a daily basis by putting this in a cmd-file and scheduling it to run daily:
ntdsutil snapshot “activate instance ntds” create quit quit

As you can see on the image above you can list all snapshot by typing “list all” within the snapshot-context in ntdsutil.
Then you can type “Mount {GUID}” to mount the snapshot in the filesystem.

A utility called dsamain allows us to publish the mounted snapshot as an LDAP-server, which then can be access by i.e. ldp.exe


In this example I`ve used a great tool called Directory Service Comparison Tool made by Fredrik Lindström, you can see more info regarding the tool here.

Then I connect to the LDAP-server instance I set up with dsamain:


Now we can see modified, added and deleted objects (the snapshot is being compared to the live Active Directory database):



December 19, 2008 - Posted by | Active Directory management, Windows Server 2008

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: