Question:

Any website is there to learn how to maintain and make back up of active directory with scenario?

by | earlier

0 LIKES Like UnLike

Tags:

Report

Answer The Question I've Same Question Too

Follow Question

2 ANSWERS

Sort By: Date | Rating

System State Data

Several features in the windows server 2003 family make it easy to backup Active Directory. You can backup Active Directory while the server is online and other network function can continue to function.

System state data on a domain controller includes the following components:

Active Directory system state data does not contain Active Directory unless the server, on which you are backing up the system state data, is a domain controller. Active Directory is present only on domain controllers.

The SYSVOL shared folder: This shared folder contains Group policy templates and logon scripts. The SYSVOL shared folder is present only on domain controllers.

The Registry: This database repository contains information about the computer's configuration.

System startup files: Windows Server 2003 requires these files during its initial startup phase. They include the boot and system files that are under windows file protection and used by windows to load, configure, and run the operating system.

The COM+ Class Registration database: The Class registration is a database of information about Component Services applications.

The Certificate Services database: This database contains certificates that a server running Windows server 2003 uses to authenticate users. The Certificate Services database is present only if the server is operating as a certificate server.

System state data contains most elements of a system's configuration, but it may not include all of the information that you require recovering data from a system failure. Therefore, be sure to backup all boot and system volumes, including the System State, when you back up your server.

Restoring Active Directory

In Windows Server 2003 family, you can restore the Active Directory database if it becomes corrupted or is destroyed because of hardware or software failures. You must restore the Active Directory database when objects in Active Directory are changed or deleted.

Active Directory restore can be performed in several ways. Replication synchronizes the latest changes from every other replication partner. Once the replication is finished each partner has an updated version of Active Directory. There is another way to get these latest updates by Backup utility to restore replicated data from a backup copy. For this restore you don't need to configure again your domain controller or no need to install the operating system from scratch.

Active Directory Restore Methods

You can use one of the three methods to restore Active Directory from backup media: primary restore, normal (non authoritative) restore, and authoritative restore.

Primary restore: This method rebuilds the first domain controller in a domain when there is no other way to rebuild the domain. Perform a primary restore only when all the domain controllers in the domain are lost, and you want to rebuild the domain from the backup.

Members of Administrators group can perform the primary restore on local computer, or user should have been delegated with this responsibility to perform restore. On a domain controller only Domain Admins can perform this restore.

Normal restore: This method reinstates the Active Directory data to the state before the backup, and then updates the data through the normal replication process. Perform a normal restore for a single domain controller to a previously known good state.

Authoritative restore: You perform this method in tandem with a normal restore. An authoritative restore marks specific data as current and prevents the replication from overwriting that data. The authoritative data is then replicated through the domain.

Perform an authoritative restore individual object in a domain that has multiple domain controllers. When you perform an authoritative restore, you lose all changes to the restore object that occurred after the backup. Ntdsutil is a command line utility to perform an authoritative restore along with windows server 2003 system utilities. The Ntdsutil command-line tool is an executable file that you use to mark Active Directory objects as authoritative so that they receive a higher version recently changed data on other domain controllers does not overwrite system state data during replication.
Report (0) (0) | earlier
http://www.cleverworkarounds.com/2007/12...
Report (0) (0) | earlier