NTDSUtil – Windows CMD Command
Active Directory Domain Services management, database/metadata maintenance, etc.
Run NTDSUtil from an elevated command prompt. NTDSUtil.exe is built into Windows Server 2008/R2. It is available if you have the AD DS or the AD LDS server role installed or if you install the Active Directory Domain Services Tools that are part of the Remote Server Administration Tools (RSAT).
This tool is intended for use by experienced administrators. NTDSUtil is very powerful, but it is also dangerous: some commands require Active Directory to be taken offline.
Syntax
Ntdsutil option
Options
activate instance %s - Set "NTDS" or a specific AD LDS instance as the active instance.
authoritative restore - Authoritatively restore the DIT database.
change service account %s1 %s2 - Change AD DS/LDS Service Account to username %s1 and password %s2. Use "NULL" for blank password, * to be prompted.
configurable settings - Manage configurable settings
DS behavior - View and modify AD DS/LDS Behavior
files - Manage AD DS/LDS database files
group membership evaluation - Evaluate SIDs in token for a given user or group
Help - Show help
ifm - IFM media creation
ldap policies - Manage LDAP protocol policies
ldap port %d - Configure LDAP Port for an AD LDS Instance.
list instance - List all AD LDS instances installed on this machine.
local roles - Local RODC roles management
metadata cleanup - Clean up objects of decommissioned servers
partition management - Manage directory partitions
popups on - Disable popups
popups off - Enable popups
quit - Quit the utility
roles - Manage NTDS role owner tokens
security account management - Manage Security Account Database - Duplicate SID Cleanup
semantic database analysis - Semantic Checker
set DSRM password - Reset directory service restore mode administrator account password
snapshot - Snapshot management
SSL port %d - Configure SSL Port for an AD LDS Instance.
For most commands there is a short form, using the first few characters instead of the entire command; these are shown above in bold. Any abbreviation that uniquely identifies the command will work.
For example the interactive commands:
ntdsutil roles
"select operation target"
"connections"
"connect to server serverF4T"
quit
"list roles for connected server"
quit
quit
quit
Can be abbreviated for use in a script:
ntdsutil r "sel o t" c "co t s serverF4T" q "l r f c s" q q q
Or a little more readably:
ntdsutil rol "sel op targ" conn "conn to serv serverF4T" qu "li rol fo conn serv" qu qu qu
At the ntdsutil: prompt, type HELP at any point to see the available commands/subcommands.
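The abbreviation rule can be checked mechanically, which helps when reviewing scripts or command-line logs that use the short forms. The Python below is an added example, not part of the original page or of ntdsutil: it expands a top-level abbreviation against the option list above and rejects unknown or ambiguous input. The names TOP_LEVEL, candidates and expand are hypothetical, and the matching (one typed word per command word, each a case-insensitive prefix) is an assumption modelled on the examples above rather than ntdsutil's own parser.

```python
# Added example. TOP_LEVEL is the option list from this page; the per-word
# prefix matching is an assumption modelled on the page's examples.
TOP_LEVEL = [
    "activate instance %s", "authoritative restore",
    "change service account %s1 %s2", "configurable settings",
    "DS behavior", "files", "group membership evaluation", "help", "ifm",
    "ldap policies", "ldap port %d", "list instance", "local roles",
    "metadata cleanup", "partition management", "popups on", "popups off",
    "quit", "roles", "security account management",
    "semantic database analysis", "set DSRM password", "snapshot",
    "SSL port %d",
]

def candidates(token, menu=TOP_LEVEL):
    """Return every menu command that `token` could stand for."""
    words = token.split()
    found = []
    for template in menu:
        parts = template.split()
        literals = [p for p in parts if not p.startswith("%")]
        if len(words) != len(parts):
            continue  # one typed word per command word or argument
        heads, args = words[:len(literals)], words[len(literals):]
        if all(l.lower().startswith(h.lower()) for l, h in zip(literals, heads)):
            found.append(" ".join(literals + args))
    return found

def expand(token, menu=TOP_LEVEL):
    """Expand an abbreviation, refusing unknown or ambiguous input."""
    found = candidates(token, menu)
    if len(found) != 1:
        kind = "ambiguous" if found else "unknown"
        raise ValueError(f"{kind} ntdsutil command {token!r}: {found}")
    return found[0]

if __name__ == "__main__":
    for tok in ("r", "rol", "a i ntds", "s d p", "l po 389"):
        print(f"{tok!r:12} -> {expand(tok)}")
    print(candidates("p o"))
```

Under this model "p o" matches both popups entries, so expand refuses it, while "p of" resolves to a single command.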