Active Directory backup and restore with Acronis Backup & Recovery 10
Table of Contents 1. Introduction ........................................................................................................... 3 2. Backup and Recovery overview............................................................................... 3 3. Active Directory backup .......................................................................................... 3 4. Active Directory recovery ....................................................................................... 5 5. 4.1.
1. Introduction Microsoft Active Directory is a central component of the Windows platform, which can be found in any size of Windows environment. Active Directory contains critical information, availability of which is important for businesses to operate. This white paper is created to enable system administrators to implement their own recovery solution for Active Directory using Acronis Backup & Recovery 10 software. 2.
To avoid that, make sure the Create snapshots using VSS option is selected in the backup settings when creating a backup of a domain controller: Note: This option is not selected by default, so be sure to select it. Once you have a full backup of your domain controller, the backup stores the information that is required to later restore your Active Directory. The next question is how often you need to back up the domain controller.
• Make sure that the Active Directory database folder is included into the backup. The easiest way to do this is to create a full image backup of your system drive, and drives where AD database and transaction logs are located. • • Make sure that files making up the AD database (.dit, .chk, .log files) are not in the exclusion list. Make sure that the Create snapshots using VSS option is selected for the backup. 4.
1. Restore the domain controller from the backup using bare-metal restore. 2. Reboot the domain controller. Make sure the Active Directory service has started successfully. No other steps are required. Replicating of AD records will be performed automatically. So what if the only backup available is older than the tombstone lifetime? If it includes the operating system, it still may be restored. The AD database from the backup, however, cannot be used.
"Domain Controller restore (no other DCs are available) (p. 6)". This method guarantees complete recovery, and it is reasonable to use it if the domain controller has no other valuable data but the Active Directory itself, or other valuable data is easy to save (e.g. located on another volume that doesn’t need to be restored). Another way is to recover the AD database alone. The AD database consists of the following files: 1. NTDS.dit (database file) 2. Edb.chk (checkpoint file) 3. Edb*.
4. Reboot the computer. Make sure the Active Directory service has started successfully, and the restored object becomes available. Another way to restore accidentally deleted object is by using tombstones. In AD, any deleted object is retained for a period of time (called tombstone lifetime, as discussed above). This period is, by default, at least 60 days. That means that any object, even though deleted from AD, will remain in its database for at least 60 days before it will be finally erased.
