Creates installation media for writable (full) and read-only domain controllers (RODCs) and instances of Active Directory Lightweight Directory Services (AD LDS).
ifm is a subcommand of the ntdsutil command-line tool. Ntdsutil is built into Windows Server 2008, and it is available if you have the Active Directory Domain Services (AD DS) server role or the AD LDS server role installed. You must run ntdsutil from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator.
Before you run ifm, you must set an active instance of a directory that Ntdsutil is to use. You can either specify "ntds" to set AD DS as the active instance or you can specify the name of an AD LDS instance. For more information about how to set an active instance, see Ntdsutil.
For examples of how to use this command, see Examples.
Syntax
ifm {create full %s | create rodc %s | create sysvol full %s | create sysvol rodc %s} [quit]
Parameters
| Parameter | Description |
|---|---|
|
create full %s |
Creates installation media for a writable Active Directory domain controller, or an AD LDS instance, in the %s folder. You can specify only this parameter for an AD LDS instance. |
|
create rodc %s |
Creates installation media for an RODC in the %s folder. You can use this command only with AD DS. |
|
create sysvol full %s |
Creates installation media with SYSVOL for a writable Active Directory domain controller in the %s folder. You can use this command only with AD DS. |
|
create sysvol rodc %s |
Creates installation media with SYSVOL for an RODC in the %s folder. You can use this command only with AD DS. |
|
quit |
Returns to the prior menu. |
|
Help |
Displays Help for this command. |
|
? |
Displays Help for this command. |
Remarks
- You can run the ifm subcommand on a writable domain
controller to create installation media for an RODC. Ntdsutil
removes any cached secrets, such as passwords, from RODC
installation media. You can also create installation media for an
RODC by running the ifm subcommand on another RODC in that
domain. However, to generate installation media for a writable
domain controller, you must use another writable domain controller
as the source of the installation media.
- You cannot run the ifm subcommand on a domain controller
that runs Windows Server 2003. You cannot use a domain
controller that runs Windows Server 2003 to create
installation media for a domain controller that runs Windows
Server 2008, or vice-versa.
- You can use a 32-bit domain controller that runs Windows
Server 2008 to generate installation media for a 64-bit domain
controller that runs Windows Server 2008, and vice-versa.
- If the folder name contains spaces, enclose the path to the
folder within quotation marks.
- The full AD DS installation media includes the registry
and, as an option, SYSVOL data.
- The AD LDS installation media includes only the
Adamntds.dit file in the specified folder.
- When you create installation media for a domain controller, the
ifm subcommand stores the installation media in a subfolder
named Active Directory after the subcommand completes. You
must specify this same subfolder name when you install AD DS
on another domain controller.
- If you press Ctrl+C to interrupt the ifm subcommand or
if the subcommand fails to complete, remove the temp log files
before you try to run the ifm subcommand again. You can
restart the server to try to remove the temp log files if you
cannot remove them manually.
Examples
The following example creates RODC installation media that does not include SYSVOL data in a folder named Installation Media on drive C:
create rodc "C:\Installation Media"
The following example creates writable domain controller installation media that does include SYSVOL data in a folder named InstallationMedia on drive C:
create sysvol full C:\InstallationMedia