Dumping the AD Database

A good way to gain understanding into the way AD works is to take a look inside the database. To achieve this:

1. Start Ldp.exe on the domain controller

2. Connect to local host, and then bind as an administrator.

3. Click on the Browse > Modify from the menu at the top.

4. Edit Attribute: dumpdatabase.

5. Edit Values: name ncname objectclass objectguid instancetype.

6. Click Enter. This will cause the Entry List box to put in this entry:

[Add]dumpdatabase: name ncname objectclass objectguid instancetype

7. Click the Extended and Run options.

8. Dump will be in with NTDS.dit called Ntds.dmp

9. You can then view the database using your favorite editor:

Additional resources