Garbage collection process of Active Directory
Garbage collection is a process that is designed to free space within AD database.
This process run on every DC with default lifetime interval of 12 hrs(can be change by modifying garbagecollperiod attribute in NTDS)
When the object is deleted ,it is not removed actually. Instead ,object is marked for deletion and stored for amount of time.This is replicated to all DCs.
After deleting an object or setting isDeleted attribute to TRUE Active Directory moves these records to Deleted Object container in the partition that contained the object.This is called tombstone objects
Windows 2000/2003 Servers delete all tombstone objects after 60 days after their original status. Active Directory sets isDeleted attribute to TRUE after the 60 days automatically or when you delete an object manually.
Garbage collection process starts by removing the remains of previously deleted objects from the database also deletes unnecessary log files. Finally, the process starts a defragmentation thread to claim additional free space.
There are two methods to defragment the AD database.
One method is an online defragmentation
operation that runs as part of the garbage collection process. The advantage of this method is that the server does not have to be taken offline for the operation to run. However, this method does not reduce the size of the Active Directory database file (Ntds.dit).
The other method is an offline defragmentation
takes the server offline and defragments the database by using the Ntdsutil.exe utility. This requires that the database to start in repair mode (DSRM). The advantage of this method is that the database is resized and unused space is removed. Therefore, and the size of the Ntds.dit file is reduced.
For doing this Restart machine and press F8 and select DSRM.This will boot with safe mode
> CMD >type ntdsutil then type file then info. This will show sall the information about DB
Then type compact to drive\path(ie c:\offdfrag)
After delete log files existing and copy NTDS.Dit file to c:\windows\NTDS
Changes to tombstone lifetime in Windows Server 2003 Service Pack 1
The default tombstone lifetime (TSL) in Windows Server 2003 has proven to be too short. For example, a prestaged domain controller may be in transit for longer than 60 days. An administrator may not resolve a replication failure or bring an offline domain controller into operation until the TSL is exceeded. Windows Server 2003 Service Pack 1 (SP1) increases the TSL from 60 to 180 days in the following scenarios:
A Windows NT 4.0 domain controller is upgraded to Windows Server 2003 by using Windows Server 2003 SP1 installation media to create a new forest.
A Windows Server 2003 SP1 computer creates a new forest.
Windows Server 2003 SP1 does not modify the value of TSL when either of the following conditions is true:
A Windows 2000 domain is upgraded to Windows Server 2003 by using installation media for Windows Server 2003 with SP1.
Windows Server 2003 SP1 is installed on a domain controller that is running the original release version of Windows Server 2003.
Increasing the TSL for a domain to 180 days has the following benefits:
Backups that are used in data recovery scenarios have a longer useful life.
System state backups that are used for installation from media promotions have a longer useful life.
Domain controllers can be offline longer. Prestaged computers approach TSL expiration less frequently.
A domain controller can successfully return to the domain after a longer time offline.