Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Where are Active Directory log files stored

Posted on 2009-05-06
6
Medium Priority
?
17,995 Views
Last Modified: 2012-05-06
I would like to look at the active directory log files but have no idea where they are stored. We are using server 2003.
0
Comment
Question by:terryw-sec
6 Comments
 
LVL 3

Expert Comment

by:ISWSIMBX
ID: 24318604
It's located at %systemroot%\NTDS
0
 
LVL 3

Expert Comment

by:ISWSIMBX
ID: 24318626
Here is a little more information on each of the files:

NTDS.DIT
-Active Directory Storage File
-Maintains 3 Tables: Data Table, Link Table, Security Descriptor Table
EDB.LOG
-Current Transaction Log
-All Transactions created here before being committed to NTDS.DIT
EDB****.LOG
-Logs that are complete and committed to NTDS.DIT
EDB.CHK
-Checkpoint file (JET) used to identify committed vs. uncommitted transactions
RES1.LOG and RES2.LOG
-Reserved space for EDB.LOG
-Each file is 10mb
0
 
LVL 3

Accepted Solution

by:
ISWSIMBX earned 2000 total points
ID: 24318653
Since I couldn't be bothered to put everything into one post, here is another way to check in the registry.  Check this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

That will contain the location of your DIT file and your AD Log Files.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 24318666
Out of curiousity, what are you actually trying to accomplish? The EDB***.log files are not in any kind of reasonably human-readable format. If you are attempting to view System errors or security audit information, this will appear in the Event Viewer on each domain controller.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24320111
Not sure if you may be looking for readable .log files like Laura mentioned.  If you wanted to see dcpromo logs and some other logs you can read look at the logs in:
%systemroot%\debug
Thanks
Mike
0
 

Author Comment

by:terryw-sec
ID: 24356659
Thank you for all your input and help.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question