Register now or log in to join your professional community.
1. To install the backup features click Start → Server Manager.
2. Next click Features → Add Features
3. Scroll to the bottom and select both the Windows Server Backup and the Command Line Tools
4. Click Next, then click Install
Now that we have the backup features installed we need to backup Active Directory. You could do a complete server backup, but what if you need to do an authoritative restore of Active Directory?
As you'll notice in Server 2008, there isn't an option to backup the System State data through the normal backup utility.
So what do we do? We need to go "command line" to backup Active Directory.
1. Open up your command prompt by clicking Start and type "cmd" and hit enter.
2. In your command prompt type "wbadmin start systemstatebackup -backuptarget:e:" and press enter.
Note: You can use a different backup target of your choosing
3. Type "y" and press enter to start the backup process.
When the backup is finished running you should get a message that the backup completed successfully. If it did not complete properly you will need to troubleshoot.
Now you have a system state backup of your 2008 Server!
So now what if you accidentally delete an OU, group, or a user account and it's already replicated to your other servers? We will need to perform an authoritative restore of the Active Directory object you accidentally deleted.
1. To do this you will need to boot into DSRM (Directory Services Restore Mode) by restarting your server and pressing F8 during the restart.
2.Choose Directory Services Restore Mode from the Advanced Boot menu.
3. Login to your server with your DSRM password you created during Active Directory installation.
4. Once you're logged into your server and in DSRM safe mode, open a command prompt by clicking Start, type "cmd", and press enter.
5. To make sure you restore the correct backup it's a good idea to use the "wbadmin get versions" command and write down the version you need to use.
6. Now we need to perform a non-authoritative restore of Active Directory by typing "wbadmin start systemstaterecovery -version:04/14/2009-02:39".
Note: The version of backup will vary depending on your situation. Type "y" and press enter to start the non authoritative restore.
7. Go grab some coffee and take a break while the restore completes.
8. You can mark the sysvol as authoritative by adding the –authsysvolswitch to the end of the wbadmin command.
9. But if you want to restore a specific Active Directory object then you can use the ever familiar ntdsutil.
For this example we are going to restore a user account with a distinguished name of CN=Test User,CN=Users,DC=home,DC=local. So the commands would be:
ntdsutil
activate instance ntds
authoritative restore
restore object "cn=Test User,cn=Users,dc=home,dc=local"
Note: The quotes are required
10. Reboot your server into normal mode and you're finished. The object will be marked as authoritative and replicate to the rest of your domain.
There is a really cool new feature in Windows Server 2008 called Active Directory Snapshots. Volume Shadow Copy Service now allows us to take a snapshot of Active Directory as a type of backup. They are very quick to create and serve as another line of defense for your backup strategy.
With your server booted into normal mode open a command prompt by clicking Start, type "cmd", and press enter.
We are going to use the ntdsutil again for creating the Active Directory snapshots. The commands are:
ntdsutil
snapshot
activate instance ntds
create
quit
quit
So now that you have a snapshot of AD, how do you access the data? First we need to mount the snapshot using ntdsutil. The commands are:
ntdsutl
snapshot
list all
mount 1 -- (Note: You should mount the correct snapshot you need; for this example there is only 1.)
quit
quit
Your snapshot is mounted, but how do you access the data? We need to use the dsamain command to accomplish this. Then we need to select an LDAP port to use. The command is as follows:
dsamain –dbpath c:\\$SNAP_200905141444_VOLUMEC$\\WINDOWS\\TDS\\tds.dit –ldapport 10001
The result should look like this:
Now we need to go to Start, Administrative Tools, then Active Directory Users and Computers.
Right click Active Directory Users and Computers and select Change Domain Controller.
In the area that says < Type a Directory Server name [:port] here >enter the name of your server and the LDAP port you used when running the dsamain command.
For my example it would be: WIN-V22UWGW0LU8.HOME.LOCAL:10001
Now you can browse the snapshot of Active Directory without affecting anything else negatively.
by using built in backup utility also we have to put a replication server to make a real live copy form AD and DNS.
Backup utility needs to be installed using server Manager and then we take the Bare metal Backup in a remote location or alternate Network location. To Restore AD we do the Authorritative Restore From DSRM mode
Can create Aditional Server to make replication real time
Before you can back up Active Directory you must first install the backup features on the server manager.
Before you can backup Server 2008 you need to install the backup features from the Server Manager.
next click add to features
select backup
You can back up AD DS by using Windows Server Backup, Wbadmin.exe or PowerShell. Depending on the roles installed on the computer running Windows Server 2012 R2, the System State Data on a Domain Controller
Backing up the System State in Windows Server 2012 R2 creates a point-in-time snapshot that you can use to restore a server to a previous working state.
You can back up AD DS by using Windows Server Backup, Wbadmin.exe or PowerShell. Depending on the roles installed on the computer running Windows Server 2012 R2, the System State Data on a Domain Controller
The best backup/restore for AD is to make a replication of AD server and secure it
system state backup using ntbackup tools
L'utilisation d'interface pour planifier des sauvegardes est impératif, faut-il créer aussi des fishiers
https://www.pluralsight.com/blog/tutorials/backup-and-restore-active-directory-on-windows-server-2008
Do you need help in adding the right keywords to your CV? Let our CV writing experts help you.