Information Technology Reference
In-Depth Information
To perform an authoritative restore, follow these steps:
Power on the domain controller you want to restore and interrupt the boot process to
boot to the Advanced Boot Options menu. Or from an elevated prompt on the running
domain controller, type
bcdedit /set safeboot dsrepair
and then reboot the server.
This will cause the server to boot into Directory Services Repair mode until changed.
1.
Choose Directory Services Repair mode. Windows Server restarts in Safe mode without
loading Active Directory.
2.
Log on to the Administrator account with the Directory Services Repair mode password
and open an elevated command or Windows PowerShell window.
3.
Identify the version of backup you want to restore with:
4.
Wbadmin get versions -backuptarget:<backupdrive> -machine:<DCName>
5.
After you identify the version identifier for the version you want to restore, use the
following command to restore the system state:
Wbadmin start systemstaterecovery -version:<versionID> -backuptarget:<backupdrive>
-machine:<DCName>
After the restore is complete, open Ntdsutil.exe and type
activate instance ntds
;
then type
authoritative restore
.
■
To restore the entire database, type
restore database
.
■
To restore a container, type
restore subtree <ObjectDN>
where <
ObjectDN
> is
the distinguished name of the container to restore,
■
To restore an individual object, type
restore object <ObjectDN>
where
<
ObjectDN
> is the distinguished name of the object to restore.
6.
7.
Quit out of Ntdsutil.exe, change the bcdedit sequence with
bcdedit /deletevalue
safeboot
if you altered it, and restart the server.
performing a non-authoritative restore
The steps to perform a non-authoritative restore are the same as the authoritative restore,
except that you don't run Ntdsutil.exe. All your items will now be restored, but any items that
have been modified since the time of the backup are overwritten when replication occurs.
The primary use case for a non-authoritative restore is when there has been a hardware or
software failure on the server, and you need to restore the server and the Active Directory
database. In this case, the restored Active Directory database acts as a seed, reducing the
amount of replication that has to occur from other domain controllers.
