Can I disable the circular logging method in Active Directory?
Actually you do NOT need to do anything…
Windows 2000/2003 Active Directory uses circular logging for maintaining transactions in the database (Ntds.dit). The log files are maintained until the data they contain is committed to the database. It uses these log files to recover transactions if the database is shut down in an inconsistent state (for example, as a result of a power failure or a blue-screen error message).
In Windows 2000 and Windows Server 2003, there is currently no way to disable or turn off circular logging.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
With Microsoft Exchange, Microsoft currently recommends that administrators turn this feature off, or never turn it on in the first place (unless the server is used as a Front end server). In Windows 2000/2003, this is not the case.
There is no documented or supported way to disable this feature in Windows 2000/2003. Because of the redundancy built into Active Directory with multiple domain controllers within a given organization and domain, Windows 2000/2003 has been optimized to use circular logging. Administrators should be able to successfully recover a domain controller with a solid backup strategy and at least one replica domain controller per domain in the organization.
When Windows 2000/2003 performs a database write operation, it records the transaction in a log file and shortly thereafter writes the transaction to memory. When the system has time or at system shutdown, the transactions are written to the database file.
Windows 2000/2003 records the transaction in the current log file (Edb.log), which is 10 megabytes (MB) in size. When it fills the current file, it creates a new log file (for example, Edb00001.log). The log files continue to be incremented, but circular logging purges the oldest file when the transactions within the log have been committed to the database. There are also two reserve log file named Res1.log and Res2.log. These files are used as placeholders in the event that the system runs out of disk space. Each file is also 10 MB in size.
Windows 2000/2003 also maintains a checkpoint file (Edb.chk) that records which transactions within the log have been committed to the database. If the computer stops responding (hangs), Extensible Storage Engine (ESE) can detect an improper shutdown by checking the last log recorded. If the last record is not a “shutdown” record, it replays the logs from the checkpoint. This event occurs at the first reboot after the system is shut down improperly. If the checkpoint file is missing for any reason, every transaction within the log file is replayed.