Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Use ntdsutil in 2008 and above to extract ntds.dit #3854
This issue was RM8837, originally filed by Rich Rumble
This command will extract the NTDS.dit, SYSTEM and SECURITY files all in one command, and no need to invoke shadow copy. (Although I'm sure it's doing it for you in the bg)
I have screen shots that show it in action on my blog and it's built-in to 2008 and greater already!
You can shorten most of the commands as well http://technet.microsoft.com/en-us/library/cc753343.aspx
And you can add "nodefrag" http://technet.microsoft.com/en-us/library/cc732530.aspx to speed up the dump a bit :)
@todb-r7 yeah ntdsutil is great, but unfortunately only works in newer Server OSes. It actually invokves shadowcopy for you on the backend, and pulls the exact things you need to replicate the DC. As an added benefit, it actually properly disconnects the ESEDB in ntds.dit so that it can be properly accessed offline, whereas just doing shadowcopy leaves ntds.dit in a bad state that will require additional work to repair.
I know today there are lots of post modules that do some version checking.
On Thu, Mar 5, 2015 at 11:10 AM, dmaloney-r7 firstname.lastname@example.org