Typically, when you perform a System State restore, all components are restored to their original location. However, the NetVault Backup Plug‑in for FileSystem also allows you to restore the System State data to an alternate directory without affecting the active system. Restoring System State in a situation other than system recovery is not recommended.
Consider the following when restoring system state backups to a second system:
Microsoft supports the following methods for restoring the Active Directory on a Domain Controller:
• |
Non-Authoritative Restore: During non-authoritative restore, the distributed services on a Domain Controller are restored from the backup media, and the restored data is then updated through normal replication. Non-authoritative restore is typically performed when a Domain Controller has completely failed due to hardware or software problems. |
• |
Authoritative Restore: During authoritative restore, an entire directory, a subtree, or individual objects can be designated to take precedence over any other instances of those objects on the Domain Controllers. Through normal replication, the restored Domain Controller becomes authoritative in relation to its replication partners. Authoritative restore is typically used to restore a system to a previously known state, for example, if one or more Active Directory objects were erroneously deleted. |
• |
Primary Restore: Primary restore is used when the server you are trying to restore is the only running server of a replicated data set (for example, the SYSVOL and FRS). |
NOTE: The NetVault Backup Plug‑in for FileSystem supports only non-authoritative restore of the Active Directory. |
The NetVault Backup Plug‑in for FileSystem supports only the Non-Authoritative restore method. When you restore the Active Directory using the plug-in, the objects are restored with their original update sequence number. The Active Directory replication system uses this number to detect and propagate Active Directory changes among the other servers. The data that is restored non-authoritatively appears as old data and does not get replicated to the other servers. The Active Directory replication system updates the restored data with the newer data available on the other servers.
To perform an authoritative restore of the Active Directory data, you must run the “ntdsutil” utility after you have restored the System State data, but before you restart the server. The ntdsutil utility lets you mark Active Directory objects for authoritative restore. When an object is marked for authoritative restore, its update sequence number is changed so that it is higher than any other update sequence number in the Active Directory replication system. This change ensures that any replicated or distributed data that you restore is properly replicated or distributed to all servers. For more information about ntdsutil, see the relevant Microsoft documentation.
The NetVault Backup Plug‑in for FileSystem supports the following restore methods for the SYSVOL directory:
• |
Primary Restore: Use this restore type only when restoring SYSVOL on a standalone Domain Controller, or on the first of several Domain Controllers. Typically, a primary restore is only required when all the Domain Controllers in the Domain are lost, and you are trying to rebuild the Domain from backup. Select Primary only for the first server. Do not use this restore type if you have already restored SYSVOL on one or more servers. |
• |
Authoritative Restore: Use this restore type when you have more than one Domain Controller to roll back the SYSVOL changes, and replicate the restored data to all other servers. |
• |
Non-Authoritative Restore: Use this restore type when you want to restore the data on a single Domain Controller in a replicated environment without replicating the restored data to the other servers. |
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center