Event ID 1539 — Database integrity

  • Article

Applies To: Windows Server 2008

Domain controllers host highly sensitive data. Domain controllers attempt to protect this data from accidental loss or corruption. Although you can use disk write caching to increase application performance, disk write caching is not recommended for use on a domain controller because it can increase the chance of data corruption and loss.

Event Details

Product: Windows Operating System
ID: 1539
Source: Microsoft-Windows-ActiveDirectory_DomainService
Version: 6.0
Symbolic Name: DIRLOG_FAILED_TO_DISABLE_DISK_WRITE_CACHE
Message: Active Directory Domain Services could not disable the software-based disk write cache on the following hard disk. Hard disk: %1 Data might be lost during system failures.

Resolve

Disable disk write caching

Disk write caching is a performance improvement feature, which is available on most hard drives, that allows applications to run faster by making it possible for them to proceed without having to wait for data write requests to be committed to the disk. However, these delayed writes can result in data loss if a power outage or equipment failure occurs that causes the loss of the disk write cache data. Therefore, we recommend that you disable disk write caching on disks that host the Active Directory database.

Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure. Review details about default group memberships at https://go.microsoft.com/fwlink/?LinkID=150761.Complete this procedure on the computer that is logging the event to be resolved.

To confirm that disk write caching is disabled on the disks that host the Active Directory database (Ntds.dit):

  1. Open the Computer Management snap-in. To open Computer Management, click Start, type compmgmt.msc, and then click OK.
  2. In the console tree, click Disk Management. Right-click the disk that holds the Ntds.dit file, and then click Properties. The Ntds.dit file is located in the %systemroot%\NTDS folder by default.
  3. Click the Volumes tab, select the volume that holds Ntds.dit, and then click Properties.
  4. On the Hardware tab, select the volume that holds Ntds.dit, and then click Properties.
  5. Click the Policies tab, and ensure that the Enable write caching on the disk check box is cleared. Click OK twice.

After you complete this procedure, perform it again to ensure that the Enable write caching on the disk check box is still cleared. If you notice that the check box is not cleared, review the hard disk controller or system BIOS settings and documentation. You may have to disable disk write caching through the vendor's BIOS or a similar tool. You can also check with the vendor for hardware driver updates.

Verify

Membership in Domain Admins, or equivalent, is the minimum required to complete these procedures. Review details about default group memberships at https://go.microsoft.com/fwlink/?LinkID=150761. Perform these procedures on the computer that is logging the event to be resolved.

To confirm that disk write caching is disabled on the disks that host the Active Directory database file (Ntds.dit):

  1. Open the Computer Management snap-in. To open Computer Management, click Start, type compmgmt.msc, and then click OK.
  2. In the console tree, click Disk Management. Right-click the disk that holds the Ntds.dit file, and then click Properties. The Ntds.dit file is located in the %systemroot%\NTDS folder by default.
  3. Click the Volumes tab, select the volume that holds Ntds.dit, and then click Properties.
  4. On the Hardware tab, select the volume that holds Ntds.dit, and then click Properties.
  5. Click the Policies tab, and ensure that the Enable write caching on the disk check box is cleared. Click OK twice.

To verify the integrity of the Ntds.dit file and the database:

  1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. Stop the NTDS service: type net stop ntds, and then press ENTER.
  3. When you are prompted to stop dependent services, type Y, and then press ENTER.
  4. Type ntdsutil, and then press ENTER.
  5. At the ntdsutil: prompt, type activate instance ntds, and then press ENTER.
  6. Type semantic database analysis, and then press ENTER.
  7. Type go, and then press ENTER. No errors should appear during the scan if the database integrity is intact. If there are errors, use the go fixup command to resolve those errors. If errors remain, restore the database from backup. For more information, see Active Directory Backup and Restore in Windows Server 2008 (https://go.microsoft.com/fwlink/?LinkId=149696).
  8. Type q, and then press ENTER.
  9. Type files, and press then ENTER.
  10. Type integrity, and then press ENTER. This should run an integrity check, which should be successful.
  11. Type q, and then press ENTER twice to exit the tool.
  12. Start the NTDS service: type net start ntds, and then press ENTER.

Database integrity

Active Directory