How To Backup Active Directory In Windows Server 2003

Bankroll up Agile Directory is essential to maintaining an Active Directory database. Users can back up Active Directory with the Graphical User Interface (GUI) and command-line tools that the Windows Server 2003 family provides.

Users should frequently fill-in the system land information on domain controllers then that they can restore the most current data. Past establishing a regular backup schedule, at that place is a better chance of recovering data when necessary.

To ensure a expert backup includes at least the system land data and contents of the organization disk, the user must exist aware of the tombstone lifetime. By default, the tombstone is 60 days. Any backup older than lx days is non a good backup. Plan to fill-in at least two domain controllers in each domain, one of at least one fill-in to enable an authoritative restore of the data when necessary.

Organization Land Information

Several features in the windows server 2003 family arrive like shooting fish in a barrel to backup Active Directory. Users tin can backup Agile Directory while the server is online and other network functions tin can proceed to role.

System country data on a domain controller includes the following components:

• Active Directory arrangement state data does non contain Agile Directory unless the server on which the system state information is existence backed up is a domain controller. Agile Directory is present only on domain controllers.
• The SYSVOL shared folder: This shared folder contains Group policy templates and logon scripts. The SYSVOL shared folder is nowadays just on domain controllers.
• The Registry: This database repository contains information almost the estimator'due south configuration.
• System startup files: Windows Server 2003 requires these files during its initial startup phase. They include the boot and system files that are under Windows file protection and Windows uses them to load, configure, and run the operating system.
• The COM+ Class Registration database: The Class registration is a database of information about Component Services applications.
• The Certificate Services database: This database contains certificates that a server running Windows server 2003 uses to authenticate users. The Certificate Services database is present only if the server is operating as a document server.

Organization state information contains nearly elements of a system's configuration, simply information technology may not include all of the information required to recover information from a system failure. Therefore, be sure to backup all boot and organisation volumes, including the System State, when a server is backed up.

Restoring Active Directory

In Windows Server 2003 family, users can restore the Active Directory database if it becomes corrupted or is destroyed because of hardware or software failures. Restore the Active Directory database when objects in Active Directory are inverse or deleted.

Active Directory restore can be performed in several ways. Replication synchronizes the latest changes from every other replication partner. Once the replication is finished, each partner has an updated version of Active Directory. There is another style to go these latest updates by Backup utility to restore replicated data from a backup copy. For this restore it is unnecessary to reconfigure the domain controller or install the operating arrangement from scratch.

Agile Directory Restore Methods

Users can use ane of the iii methods to restore Active Directory from fill-in media: primary restore, normal (non authoritative) restore, and authoritative restore.

• Primary restore: This method rebuilds the starting time domain controller in a domain when there is no other way to rebuild the domain. Perform a master restore but when all the domain controllers in the domain are lost to rebuild the domain from the fill-in.
  Administrators group members can perform the principal restore on a local computer or the user should have been delegated with this responsibility to perform restore. Only Domain Admins tin can perform this restore on a domain controller.
• Normal restore: This method reinstates the Active Directory data to the state earlier the backup, and then updates the information through the normal replication process. Perform a normal restore for a single domain controller to a previously known good state.
• Authoritative restore: perform this method in tandem with a normal restore. An authoritative restore marks specific data as current and prevents the replication from overwriting that information. The authoritative data is then replicated through the domain.
  Perform an authoritative restore individual object in a domain that has multiple domain controllers. When an authoritative restore is performed, all changes to the restore object that occurred after the backup are lost. Ntdsutil is a command line utility to perform an authoritative restore forth with windows server 2003 organization utilities. The Ntdsutil command-line tool is an executable file that marks Active Directory objects as authoritative so that they receive a college version of recently changed data and other domain controllers exercise not overwrite organisation land information during replication.

Source: https://www.tech-faq.com/how-to-backup-active-directory.html

Posted by: sebringsittand.blogspot.com

Share this post