Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to backup and restore Group Policy links?

Posted on 2009-05-13
4
Medium Priority
?
2,489 Views
Last Modified: 2012-05-06
Hello,

I was wondering if it's somehow possible to backup and restore Group Policy links.
I know how to backup the GPOs using GPMC, but I never found out how to backup also the links - sometimes it might be difficult to remember, where the GPO was originally linked, especially when you have complex AD structure.

Thank you in advance.
Martin
0
Comment
Question by:martin_babarik
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:a_ro_no
ID: 24377858
The links are stored in the AD Database...
So a system state backup and AD restore would make the job.
0
 
LVL 13

Author Comment

by:martin_babarik
ID: 24377941
Well that's quite clear, but one of the benefits of using GPMC backup and restore is that you don't need to restart the DC to DSRM mode and you can restore GPOs on th fly.
Also when you have multiple DCs on the network the system state recovery wouldn't help, as I'd need to perform the authoritative restore of the links - and the question is "how?".
I suppose those links are stored in AD as objects, but I'm not able to find them - to identify what exactly to be restored.

Martin
0
 
LVL 3

Accepted Solution

by:
a_ro_no earned 1000 total points
ID: 24378178
Every container has an Attribute called gplink.
So if you take an ldifde dump of that attribute I guess you could reimport it later.
0
 
LVL 13

Author Closing Comment

by:martin_babarik
ID: 31581130
Yep, it seems that's what I'm looking for.
Thank you very much.
Martin
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question