?
Solved

Backing Up & Restoring Active Directory

Posted on 2006-04-07
4
Medium Priority
?
641 Views
Last Modified: 2008-05-30
I want to run a test DR situation.
I want to simulate like the office went down and we are building a new domain controller.
But I want to have a backup of the old DC[active directory] and restore to the new DC, active directory.

Now I backed up AD through NT's backup while DC is online.  Saved to a .bak file.
Can this be restored to the new DC?  Does this have to be in F8 mode, to do this.

Does anyone know how to do this.
Basically restoring to a totally different machine.
I'm reading MS's KB 263532 article about backup /restoring, but is just mentions a server in a workgroup.
How can you do this if the machine isn't a domain controller.
Thanks
0
Comment
Question by:autumn801
  • 2
  • 2
4 Comments
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 16406072
You cannot restore to a totally different machine, you need to restore to an identical hardware system.

Then you would install 2003, boot to Active Directory Restore Mode, and restore using the NTBACKUP utility.
0
 

Author Comment

by:autumn801
ID: 16407521
Microsoft said you could:
How to perform a disaster recovery restoration of AD on a computer with a different hardware configuration - 263532.

But it really doesn't say much, it just says a clean install Windows 2000/2003 on a stand-alone server in a workgroup.
But that defeats the point,  it doesn't have AD on it.  or the sysvol, etc.  It is just a stand alone server.

THis is for a disaster recovery test.  Any suggestions.
thanks
0
 
LVL 97

Accepted Solution

by:
Lee W, MVP earned 120 total points
ID: 16407585
I wasn't wrong in my statement, though Microsoft DOES provide a way around the problems you will LIKELY encounter:

Note this part of the link:
After the disaster recovery restoration process is completed successfully, the following three scenarios are possible:
•      Scenario 1: Windows starts successfully.
•      Scenario 2: Windows stops responding, or hangs, when you try to start it, but it starts successfully when you select the Safe Mode option. This behavior occurs because of the bus architecture chipset or because of an incompatible driver in the new computer. You may have to run an in-place repair or an upgrade operation.
•      Scenario 3: The computer stops responding in Start Windows Normally mode and in safe mode. You must run an in-place repair or an upgrade. This is typically caused by a mismatched hardware abstraction layer (HAL). You may have to press F7 during Windows startup to force the standard version of the HAL for the operating system to start successfully.

Scenario 1 is most likely in circumstances where you swap systems but use the same motherboard chipset.

Scenario 2 & 3 are likely in almost EVERY OTHER INSTANCE.



If you read that article, it's pretty clear what it's saying:

Install Windows.
THEN restore your backup - the .bak file containing the system state.  When you restore the system state, you are essentially restoring all the critical information regarding the domain as well as active directory.  I suspect doing the reg hack they tell you do is the reason you don't need to go into AD Restore Mode.
0
 

Author Comment

by:autumn801
ID: 16450757
Well I did that, and the machine rebooted just fine, with a few errors, but AD did not restore.
It shows up in the folder NTDS.

So does anyone have any recommendations on what I should do.
thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question