Open mrturtledev opened 6 years ago
I got the same issue.
Just in case someone happens on this issue, once copied outside the shadow copy, the following can be run (still from the DC where it was retrieved itself) :
esentutl /g C:\Path\To\NTDS.dit
esentutl /p C:\Path\To\NTDS.dit
Careful though, this can consume some resources depending on the domain size, so caution is warranted to prevent any issue on the DC.
Also, please don't attempt that on a live NTDS, only the one retrieved from the shadow copy.
If ntdis.dit was retrieved by the vss method (from Server 2003 for example) the database will most likely need repairing before running NTDSAudit.
Although it might be out of scope for NTDSAudit to repair the database before use, the exception caused should be caught and handled appropriately. Possibly with guidance to the user on how to repair the ntds.dit file.
C:\Tools\Dionach>NtdsAudit.exe -v NtdsAudit 2.0.0.0
NtdsAudit.exe ntds_needs_repair.dit