Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Restore AD and Domain

Posted on 2014-02-11
7
Medium Priority
?
439 Views
Last Modified: 2014-03-02
Hello Experts,

I am curious to know for my knowledge.

I have a 1 Windows 2008 R2 Domain Controller and DNS Services ( on same server)  and 80-85 workstation joined to this domain
I have 120 users with serveral OU's
I have some GPO's.

And I have system state backup for the previous day ( the day before server crashed)

Lets assume this server due to hardware failure and no way to return it back. In this case I have to introduce another server to restore AD.

How I can fully restore my active directory services Please can someone provide step by step guide

Note: I know Additional Domain Controller can be rescue this issue. But I don't ADC.

Thanking in Advance
0
Comment
Question by:cciedreamer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 25

Expert Comment

by:Sekar Chinnakannu
ID: 39852541
make sure you have took 100% full backup with system state. here is steps for restore the AD from your backup http://community.spiceworks.com/how_to/show/27-restore-active-directory
If you want more specific refer this MS article http://technet.microsoft.com/en-us/library/bb727048.aspx
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39852555
Thanks,

Well I use the backup method mentioned in the link  here  using
wbadmin start systemstatebackup -backuptarget:e

Open in new window


Step 1 To prepare another with windows 2008 R2 ( same OS) then proceed with restore process directly mentioned in the above link
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 800 total points
ID: 39853487
If you are using Windows Server Backup to perform a Restore you need to have the following...
- New Server built (same OS with patches applied)
- System State backup
- Perform Authoritative Restore during the Restore process
- After server has been restored, open command prompt and run "netdom query fsmo"
- make sure that FSMO roles are currently held by the DC, if not you will need to seize them to the DC you have restored

Authoritative Restore with Windows Server Backup

Use NTDSUtil to Seize the FSMO Roles

If you had 2 DC's in your environment it is recommended that you transfer the roles to the DC that is online and still functioning rather than doing a restore of the one that failed. If you only have 1 DC then preform the steps above.

Will.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 1200 total points
ID: 39855928
In reality restoring AD system state backup on fresh OS on same server \ new hardware with fresh OS is not supported by MS.

Ideally they required existing server OS on the same server and from directory service restore mode you need to restore system state backup authoritatively.
This concept is called as AD forest recovery and applicable if your AD database is corrupted and can't be repaired by any means and you cannot use any available DCs in domain then MS will suggest Forest Recovery options
http://technet.microsoft.com/en-us/library/cc757662(v=ws.10).aspx

But you can restore existing AD system state backup on new OS \ new servers with some error messages and in order to do that, you need to prepare new server with same OS and service pack with same hostname and IP (More important) and with same drive letter if your previous AD database is stored in different drive other than default one, then you can restore AD system state backup on that server.
You need to install Windows server backup feature 1st
Then restart server in DSRM
Then restore AD system state backup authoritatively
Upon successful restoration, reboot the server and seize the FSMO roles as outlined above by others

Note that since you have single server, authoritative switch is not mandatory.
You can simply restore without that switch (Non-Authoritative restore)

That is why its actually suggested to have at least TWO DCs, so in case of lost of one DC you can have in tact AD database on another server

Mahesh
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39862300
Same OS and Drive Letter cannot be issue.

But having same patches could be an issue. What if we don't know what updates were installed lately on the server before crashing.

Is it also required to have same Partition Size of Drive ?

Also Same Hardware ??
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 1200 total points
ID: 39862428
Since restoring AD system state backup on new fresh OS installation (Even on same server hardware) is not supported, you need to take care \ workarounds as far as possible to avoid failure during \ post restore operation if your original server and OS is not available for restore operation

This includes:
Retain same hardware if possible \ install fresh OS on identical hardware (Mandatory step - If you restore on different server hardware it is likely to be ready yourself for BSOD post restoration)
Keep OS version and service pack version same as original (Mandatory)
Windows Updates \ patches should be at same level if possible (there is always some deviation happens in this case between original OS and new server OS patch level), however you can proceed with restoration if you can't match patch level)

In case of partitions, partitions drive letter must be same as old one in case of new servers and new server partition size must be equal \ greater than partitions size of original server that has crashed.

Mahesh
0
 
LVL 3

Author Closing Comment

by:cciedreamer
ID: 39898250
Thanks
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question