Solved

Authoritative restore using ntdsutil 2003 schema

Posted on 2015-01-15
2
249 Views
Last Modified: 2015-01-21
Hello,
I am working on the forest recovery plan and testing in the test lab forest recovery if we will upgrade schema from 2008 to 2012 R2. We have 2003 schema master server. I would like to verify the command that is needed after recovering system state.
Is it - authoritative restore: restore database ???

In 2008 there is an option to restore the cn=schema partition, but in 2003 is different.

Please advise if restore database will do the job of recovering forest to 2003. Thank you

After you restored system state backup using NTbackup in dsrm mode do below before rebooting,

   1. At a command prompt, type ntdsutil, and then press ENTER.
   2. Type authoritative restore, and then press ENTER.
   3. Type restore database, press ENTER, click OK, and then click Yes.
   4.Reboot
0
Comment
Question by:creative555
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40551885
You have high level steps that are involved to accomplish a restore of the schema.

Check the below link which will provide additional detail on how to recover a Domain Controller successfully without issues.
Active Directory Domain Controller Restore

Authoritative Restore -  this is a restore process when you need to revert changes from a previous backup. This then sets the USN to an extremely high number to ensure that it is higher than the other Domain Controllers in the environment. These change are then pushed to the other domain controllers in the environment.

Non Authoritative Restore - Is used when you are recovering a secondary domain controller (non fsmo roles) and want to restore the DC the domain controller then through replication receives all directory changes that have been made since the backup from the other domain controllers in the network.

Will.
0
 

Author Closing Comment

by:creative555
ID: 40563293
Thanks!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

689 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question