David walker 2008-04-01 13:39:44
I am about to upgrade a Windows 2000 server to Server 2003 standard
As I mentioned in another thread on another topic, the server is running
AD for 8 users… There’s no Windows-based file replication; there is
nothing stored IN the AD directory except the logon names for those 8
users; I have only added or disabled a username about once every 2 years
for the past seven years.
There is no “forest”.
The users don’t share any folders among themselves: all of the shared
folders are on the server itself, so they are not publishing shares to
the AD. There is one shared system printer, and about half of the users
have their own personal printers that are not shared (so these printers
are not published to the AD). The active directory is pretty empty of
things to “direct”.
The system has a UPS.
Question: I would like to turn off the “feature” that disables write-
caching on the entire physical disk that holds the Active Directory
database and logs. How can I do this? Let’s say that I understand the
possible ramifications. For example, the server has not crashed or
suffered a power outage in 2 years, and the previous hardware did not
crash or suffer a power outage in 5 years.
The primary physical disk is a 320 GB IDE (UDMA-5) disk from Western
Digital with an 8 GB cache, with the system partitions mirrored to a 160
GB IDE (UDMA-5) disk with 8 GB cache.
I could disable the File Replication Service since it doesn’t have
anything to do. We don’t plan to use DFS in the 2003 server.
KB article 321543 says “If you use the Dcpromo tool to promote a Windows
2000-based server to a domain controller, the write caching functionality
(write-back cache is a firmware function) is turned off for any of the
logical drives that contain the Active Directory database or log files,
including the system disk. Write caching is turned off because the File
Replication Service (FRS) does not recover if power to the drive is
interrupted and if critical updates are lost.”
This last sentence doesn’t envision a scenario where the FRS is not
Any help would be appreciated. I realize this is not normally a good
idea, but I could re-enter the 8 users in the AD by hand in 10 minutes if
I had to.
Lanwench [mvp 2008-04-01 13:39:49
Hi – as I’ve mentioned in your other thread, you cannot upgrade in place
from Win2000 Advanced Server to Windows 2003 Standard – please don’t start a
when you’ve already got another one going.
Ace fekay [mvp 2008-04-01 13:40:19
Because it’s an AD service, you will want to keep the FRS enabled. It’s
normally used for AD replication, DFS, as well as SYSVOL replication. You
may even get EventID errors because of it; I think one of them if I remember
correctly, is EventID 13568. Even if you only have one DC, enable and start
Write cache is disabled by default on any DC. You can try to enable it but
it winds up disabling it automatically. It’s a safety feature, which I
believe you’ve even stated by posting that passage about the write cache on
As Lanwench also mentioned, I wouldn’t upgrade this guy and follow her
suggestions. Another possibility is yyou can buy new hardware with Windows
2003, adprep the domain and promote it. You can also install a separate new
DC in a new forest and migrate the users, groups, and computer accounts with
ADMT, as well as Exchange mailboxes using ExMerge, into the new domain. They
can even keep their profiles using the SID History option, as well as
passwords setting up a password server in ADMT.
Try to keep the topic in one thread. If you wanted this thread to be solely
about the write cache on a DC, then I can understand. However you have
additional questions in this posting that you could have kept in the other
one. Believe me, I was going to post in there, but I also saw this. So I
wasn’t sure which one to reply in because of some of the identical content.
So I flipped a coin and got this. It’s easier for everyone else not to have
to flip coins.
This posting is provided “AS-IS” with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP – Directory Services
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Infinite Diversities in Infinite Combinations
David walker 2008-04-02 13:20:36
”Lanwench [MVP – Exchange]”
The threads were on two different subjects. I don’t like to conflate two
unrelated questions in one post. People get flamed for that.
David walker 2008-04-02 13:20:38
AD replication to where? This is the only AD in the forest.
We don’t use DFS.
SYSVOL replication to where? There is not much stored in SYSVOL. We
don’t use startup scripts or folder redirection or roaming profiles.
Is AD replication or FRS required if there is only one server on the
subnet? Why? I am seriously trying to find out. Everything I have read
on AD talks about replicating the AD to other servers. They have no other servers.
As I said (in the other thread, which was about ANOTHER TOPIC), they
don’t run Exchange server. So there are no Exchange mailboxes. There is
only one group. There are only 8 users.
*I* am not going to buy new hardware! That would cost me money,
personally. I am helping a company upgrade to Server 2003, and I cannot
force them to buy a new server. And I don’t think I should. Their 2.4
GHz server with 2 GB memory and four 320 GB disk drives is powerful
enough to handle DHCP and host a few shared folders for 8 users,
especially with no Exchange server and no replication and no FRS and no DFS.
They don’t have anything in their profiles. I can recreate the userids
and set the passwords for these 8 users pretty easily (in five minutes,
probably) which is faster than migrating their profiles or using ADMT.
I did want this topic to be solely about the write cache on the DC! It
was you guys who criticized me for asking a different question. I have
two different questions that relate to the same server upgrade. I
thought it was best to make them two posts, since they are about different subjects.
Sorry. The background is the same, since the computer that the questions
are about are the same, but the questions were different: One was “can I
upgrade in place from Advanced Server 2000” and the other question was
“Can I get the cache turned back on”.
For both questions, the fact that it’s a VERY small system was extremely
relevant, so I repeated it. Turning the cache off to a database that’s
written to very rarely versus turning it off for a database that’s
written to very frequently are not the same thing, hence the background.
Sorry for giving the background.
I’ll probably install server 2003 fresh in a new partition on the system,
but I still would like write cache to work. If FRS is required when
there are no other servers to replicate to, let me know.
Lanwench [mvp 2008-04-03 00:08:22
But people also get flamed for multiposting. 🙂
I think I’ll bow out now!
David walker 2008-04-03 00:08:43
”Lanwench [MVP – Exchange]”
They were different questions! I was not multiposting!
Ace fekay [mvp 2008-04-03 20:51:08
It doesn’t matter. It’s a necessary service whether objects are using it or
Micrsoft purposely disables write cache on domain controllers in order to
prevent Active Directory database corruption in case a power outage or other
unexpected stoppage occurs. Write cache will always be disabled on a DC.
See if these articles explain why it is not recommended for any type of
database, especially AD, whether things are being written or not.
This article shows how to enable/disable write cache. However it has a
warning in red to not implement it due to implications during power outages.
Possible Data Loss After You Enable the ‘Write Cache Enabled’ Feature
Considerations when hosting Active Directory domain controller in virtual
hosting environments (applies to virtual and real)
Note You must disable the write cache for all components that use Extensible
Storage Engine (ESE) as their database format. These components include
Active Directory, the File Replication service (FRS), Windows Internet Name
Service (WINS), and Dynamic Host Configuration Protocol (DHCP).
Also, yes, the FRS is a necessary service, whether anything is getting
replicated (DFS, Sysvol, etc) or not. It is a necessary service. That link I
provided has some comments on the service.
As far as purchasing new equipment, that is your and your client’s
perogative. It was merely a suggestion..
Sir, I can understand your reluctance. You don’t have to believe anything
I’ve posted. I was trying to accurately and professionally respond to your
concerns. And I wasn’t trying to flame you. I just didn’t know wihch I
should respond to, that was all.