none
How do you restore active directory database without system state backup. I do have a full backup with 3rd party s/w. What files do I need?

    Question

  • I have a 2008 R2 domain controller. I don't use the windows backup. I have a full image of the server using Appassure backups, so I can restore individual files.

    I know I have to boot into Directory Services Restore Mode, but what files do I need to manually restore to the server from my backup to restore the Active Directory database to a previous date?

    Do I just copy the contents of the %windir%\NTDS and %windir%\sysvol\sysvol from my backup and overwrite the same folders on the server? Or is there more to it than that? I can only find info on restoring active directory using the system state backup from windows backup.


    • Edited by ingram87 Thursday, May 02, 2013 6:54 PM
    Thursday, May 02, 2013 6:39 PM

Answers

  • Hi,

    Active directory can not be restored using copy/paste method. If you want backup/resotre AD, then the only option is use AD aware backup/restore method that means system state only.

    Active Directory Backup and Restore
    http://technet.microsoft.com/en-us/library/bb727048.aspx


    Best regards,

    Abhijit Waikar.
    MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
    Blog: http://abhijitw.wordpress.com
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Thursday, May 02, 2013 7:05 PM
  • Take a look at your backup software recovery and its  steps, "Replay uses non-authoritative restore to recover Active Directory on Domain Controllers" AD restore option should be there.

    Once you makeup your mind which  restore to to go for,  perfrom move that direction. ( authoritative and non‐authoritative ) , remember none authoritative  you will lose some data. "  A non‐authoritative restore returns the Domain Controller to its state at the time of snapshot" the  changes in the .DIT database aftersnappshoot until the DC was crashed.

    http://www.appassure.com/support/KB/4110112/

    Microsoft offers two approaches for restoring Active Directory on Domain Controllers – authoritative and non‐authoritative. Replay uses non-authoritative restore to recover Active Directory on Domain Controllers. A non‐authoritative restore returns the Domain Controller to its state at the time of snapshot.

    good luck

    ocd

    Thursday, May 02, 2013 7:14 PM
  • Hello,

    just using some files is NO OPTION to restore a DC.

    Either contact the vendor from the software you use how to do it or you are lost and have to start fresh if NO option from them is available.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, May 04, 2013 5:37 PM

All replies

  • Hi,

    Active directory can not be restored using copy/paste method. If you want backup/resotre AD, then the only option is use AD aware backup/restore method that means system state only.

    Active Directory Backup and Restore
    http://technet.microsoft.com/en-us/library/bb727048.aspx


    Best regards,

    Abhijit Waikar.
    MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
    Blog: http://abhijitw.wordpress.com
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Thursday, May 02, 2013 7:05 PM
  • Take a look at your backup software recovery and its  steps, "Replay uses non-authoritative restore to recover Active Directory on Domain Controllers" AD restore option should be there.

    Once you makeup your mind which  restore to to go for,  perfrom move that direction. ( authoritative and non‐authoritative ) , remember none authoritative  you will lose some data. "  A non‐authoritative restore returns the Domain Controller to its state at the time of snapshot" the  changes in the .DIT database aftersnappshoot until the DC was crashed.

    http://www.appassure.com/support/KB/4110112/

    Microsoft offers two approaches for restoring Active Directory on Domain Controllers – authoritative and non‐authoritative. Replay uses non-authoritative restore to recover Active Directory on Domain Controllers. A non‐authoritative restore returns the Domain Controller to its state at the time of snapshot.

    good luck

    ocd

    Thursday, May 02, 2013 7:14 PM
  • Hello,

    just using some files is NO OPTION to restore a DC.

    Either contact the vendor from the software you use how to do it or you are lost and have to start fresh if NO option from them is available.


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Saturday, May 04, 2013 5:37 PM