Performing a Nonauthoritative Restore of AD DS

A non-authoritative restore returns the domain controller to its state at the time of backup, then allows normal replication to overwrite that state with any changes that have occurred after the backup was taken. After you restore the system state, the domain controller queries its replication partners. The replication partners replicate any changes to the restored domain controller, ensuring that the domain controller has an accurate and updated copy of the Active Directory database.

Non-authoritative restore is the default method for restoring Active Directory, and you will use it in most situations that result from Active Directory data loss or corruption. To perform a non-authoritative restore, you must be able to start the domain controller in Directory Services Restore Mode.

1. Restart the domain controller.

2. After the boot option menu appears, press F8 to start the domain controller in DSRM.

3. When the recovery options menu appears, select the option for DSRM.

  1. At the Windows logon screen, click Switch User, and then click Other User.

  2. Type .\administrator as the user name, type the DSRM password for the server, and then press ENTER.

  3. Click Start, right-click Command Prompt, and then click Run as Administrator.

  4. At the command prompt, type the following command, and then press ENTER:

    wbadmin get versions -backuptarget:<targetDrive>: -machine:<BackupComputerName>

    Where:

    • <targetDrive>: is the location of the backup that you want to restore.

    • <BackupComputerName> is the name of the computer where you want to recover the backup. This parameter is useful when you have backed up multiple computers to the same location or you have renamed the computer since the backup was taken. 

  5. Identify the version that you want to restore.

    You must enter this version exactly in the next step.

  6. At the command prompt, type the following command, and then press ENTER:

    wbadmin start systemstaterecovery -version:<MM/DD/YYYY-HH:MM> -backuptarget:<targetDrive>: -machine:<BackupComputerName> -quiet

    Where:

    • <MM/DD/YYYY-HH:MM> is the version of the backup that you want to restore.

    • <targetDrive>: is the volume that contains the backup.

    • <BackupComputerName> is the name of the computer where you want to recover the backup. This parameter is useful when you have backed up multiple computers to the same location or you have renamed the computer since the backup was taken. 

    If you do not specify the -quiet parameter, you are prompted to press Y to proceed with the restore process and press Y to confirm that the replication engine for SYSVOL has not changed since you created the backup.

    After the recovery operation has completed, if you are not going to perform an authoritative restore of any restored objects, restart the server.
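The version lookup and recovery command in the steps above can be scripted so that the identifier is copied exactly instead of retyped. This PowerShell example is added here and is not part of the original page; the sample output, the drive letter E and the computer name DC01 are constructed placeholders, and it assumes English wbadmin output with the "Version identifier" line preceding "Can recover", and PowerShell 2.0 or later.

```powershell
# Constructed sample of `wbadmin get versions` output (not from a real server).
# On a real DC: $sample = (wbadmin get versions -backuptarget:E: -machine:DC01 | Out-String)
$sample = @'
Backup time: 3/10/2009 9:00 PM
Backup target: Fixed Disk labeled E:
Version identifier: 03/11/2009-04:00
Can recover: Volume(s), File(s), Application(s)

Backup time: 3/12/2009 9:00 PM
Backup target: Fixed Disk labeled E:
Version identifier: 03/13/2009-04:00
Can recover: Application(s), System State
'@

function Get-SystemStateVersion {
    param([string]$WbadminOutput)
    $results = @()
    $current = $null
    foreach ($line in ($WbadminOutput -split "`r?`n")) {
        if ($line -match '^\s*Version identifier:\s*(\S+)\s*$') {
            $current = $Matches[1]
        }
        elseif ($line -match '^\s*Can recover:\s*(.+)$' -and $current) {
            # Keep only backups that contain system state and whose identifier
            # has the exact MM/DD/YYYY-HH:MM shape the recovery command expects.
            if ($Matches[1] -match 'System State' -and
                $current -match '^\d{2}/\d{2}/\d{4}-\d{2}:\d{2}$') {
                $results += $current
            }
            $current = $null
        }
    }
    return $results
}

function New-RecoveryCommand {
    param([string]$Version, [string]$TargetDrive, [string]$BackupComputerName)
    # -quiet is left out so the operator still sees both confirmation prompts.
    "wbadmin start systemstaterecovery -version:$Version " +
    "-backuptarget:${TargetDrive}: -machine:$BackupComputerName"
}

# @() keeps a single match as an array so that [-1] selects the last entry listed.
$versions = @(Get-SystemStateVersion $sample)
if ($versions.Count -eq 0) { throw 'No backup version containing System State was found.' }
New-RecoveryCommand -Version $versions[-1] -TargetDrive 'E' -BackupComputerName 'DC01'
```

The script only prints the command; review the chosen version before running it in DSRM.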

Additional considerations

Be aware of the following issues when you perform a nonauthoritative restore of AD DS:

  • If the nonauthoritative restore procedure is preliminary to performing an authoritative restore of any restored objects, do not restart the domain controller until after you have completed the authoritative restore procedure.

  • When you use System Recovery Options to restore a Windows Server 2008 domain controller in an environment that has Distributed File System (DFS) Replication implemented, the SYSVOL restore is performed nonauthoritatively by default. To perform an authoritative restore of SYSVOL, include the -authsysvol switch in your recovery command, as shown in the following example:

    wbadmin start systemstaterecovery <otheroptions> -authsysvol

  • If you use File Replication Service (FRS), the restore operation sets the BURFLAGS registry keys for FRS, which affects all replica sets that are replicated by FRS. 

  • Wbadmin.exe does not require that you provide the target for the recovery. By specifying the backup version that you want to recover, the command proceeds to recover to the source location of the specified backup version.

  • Backup files are named for the date and time of the backup. When you recover, the version must be stated in the form MM/DD/YYYY-HH:MM, which specifies the name of the backup that you want to recover.

  • After the restore is completed, restart the server normally, and perform basic verification. When you restart the computer normally, AD DS and Active Directory Certificate Services (AD CS) automatically detect that they have been recovered from a backup. They perform an integrity check and index the database again.

  • After you log on to the system, browse AD DS, and verify that the following conditions are met:

    • All of the user objects and group objects that were present in the directory at the time of the backup are restored. 
    • Files that were members of a FRS replica set and certificates that were issued by AD CS are present.

    • The Windows Time service (W32time) is synchronized correctly.

    • The NETLOGON and SYSVOL folders are properly shared.

    • The Preferred DNS server address is configured correctly.

    • Host (A) and service (SRV) resource records are registered correctly in Domain Name System (DNS).
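The service-level items in the checklist above (time sync, shares, preferred DNS, A and SRV records) can be checked in one read-only pass. This PowerShell example is added here and is not part of the original page; `$ExpectedDns` is a placeholder value, and it assumes English tool output, PowerShell 2.0 or later, and a DNS host name equal to the computer name. The user, group, FRS and AD CS checks are still done by browsing AD DS.

```powershell
# Read-only checks; run elevated on the restored DC after a normal restart.
$ExpectedDns = '192.0.2.10'   # placeholder: the preferred DNS server this DC should use
$domain = (Get-WmiObject Win32_ComputerSystem).Domain
$fqdn   = $env:COMPUTERNAME + '.' + $domain

function New-CheckResult($Check, $Passed, $Detail) {
    New-Object PSObject -Property @{ Check = $Check; Passed = [bool]$Passed; Detail = $Detail }
}
$results = @()

# The NETLOGON and SYSVOL folders are shared.
$shares = @(Get-WmiObject Win32_Share | ForEach-Object { $_.Name })
foreach ($share in 'NETLOGON', 'SYSVOL') {
    $results += New-CheckResult "$share share" ($shares -contains $share) ''
}

# W32time: NTP leap indicator 3 means the clock is not synchronized.
$time = (w32tm /query /status 2>&1 | Out-String)
$timeOk = ($LASTEXITCODE -eq 0) -and ($time -notmatch 'Leap Indicator:\s*3')
$results += New-CheckResult 'W32time synchronized' $timeOk ''

# Preferred DNS server: first entry in the search order of each IP-enabled adapter.
$dns = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    Where-Object { $_.DNSServerSearchOrder } |
    ForEach-Object { $_.DNSServerSearchOrder[0] })
$dnsOk = ($dns.Count -gt 0) -and (@($dns | Where-Object { $_ -ne $ExpectedDns }).Count -eq 0)
$results += New-CheckResult 'Preferred DNS server' $dnsOk ($dns -join ', ')

# Host (A) record and domain controller SRV record name this server.
$a   = (nslookup -type=A $fqdn 2>&1 | Out-String)
$srv = (nslookup -type=SRV "_ldap._tcp.dc._msdcs.$domain" 2>&1 | Out-String)
$pattern = [regex]::Escape($fqdn)
$results += New-CheckResult 'Host (A) record' ($a -match "Name:\s+$pattern") ''
$results += New-CheckResult 'SRV record' ($srv -match "svr hostname\s*=\s*$pattern") ''

$results | Format-Table Check, Passed, Detail -AutoSize
```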


Designed by TechieBird