Information Technology Reference
In-Depth Information
To restore an object with Windows PowerShell, use the Get-ADObject and
Restore-ADObject cmdlets. Use Get-ADObject with the -IncludeDeletedObjects
parameter to find and restore deleted objects.
FIGURE 5-24 The Modify dialog box
performing Active Directory restore
There are two types of Active Directory restore: authoritative and non-authoritative. In an
authoritative restore, the Active Directory that you restore becomes the authoritative AD for
the domain. In a non-authoritative restore, the Active Directory you restore accepts replica-
tion changes from the other domain controllers in the domain. The restored Active Directory
acts as a seed rather than as the final result. Both types of restore follow a similar set of steps,
but in an authoritative restore, the version number of the restored database is set higher than
that on other domain controllers.
performing an authoritative restore
An authoritative restore recovers the Active Directory database to a specific point in time.
You can restore the entire database, an entire container, or a single object. Once restored,
that data is replicated to all other domain controllers in the domain. Usually an authoritative
restore is used to recover from a serious mistake or corruption. In all cases of an authoritative
restore, any changes to Active Directory since the snapshot was taken are lost.
Another concern with authoritative restores is the domain trust relationships between
workstations and the domain. Computer account passwords are changed automatically every
seven days, and a restoration to a snapshot older than seven days can result in workstations
being unable to connect to the domain.
 
 
Search WWH ::




Custom Search