Schedule a Demo
Blog April 1, 2020 Backups, Database, Maintenance, PKI

ADCS Database Log Truncation Change in Server 2019

by Mark B Cooper

In our past blogs on the subject of Windows Server ADCS backups, we have touched on the issue of jet database logs not being truncated and deleted in some scenarios.

Specifically, if backups are performed via snapshot or non-VSS based backups and secondly, if any logs are still held open by the jet database even if unused after truncation. To address the second issue, the stopping and starting of ADCS allows those files handles to be released.

We were recently pleased to see that this behavior has changed in Windows Server 2019. When a proper backup is performed on the CA (VSS based, Certutil or Certificate Authority GUI) database logs will be truncated and deleted if they are no longer needed. There is no longer a dependency on ADCS stopping to release file handles.

As a result, we have updated our previous blog articles to reflect the problem of truncation is applicable to Windows Server 2016 and older. This new behavior is available in the RTM version of Server 2019 – no updates are needed.

Expand Your PKI Visibility

Discover why seeing is securing with revolutionary PKI monitoring and alerting.

Learn More About PKI Spotlight®

Related Resources

  • Blog
    May 1, 2024

    Strengthening Security with Centralized MFA Integration

    MFA, PKI, PKI Spotlight
  • Blog
    April 29, 2024

    PKI Insights Recap – PKI Posture Management for Digital Certificates

    Digital Certificates, PKI, PKI Insights
  • Blog
    March 7, 2024

    PKI Insights – Avoiding PenTest Pitfalls

    Certificates, PKI, PKI Insights

Mark B Cooper

President & Founder at PKI Solutions, Leading PKI Cybersecurity Subject Matter Expert, Author, Speaker, Trainer, Microsoft Certified Master.

View All Posts by Mark B Cooper

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *