Chat now with support
Chat with Support

Recovery Manager for AD Disaster Recovery Edition 10.0.1 - User Guide

Overview Backing up data
Permissions required for the Backup operation Managing Backup Agent Using a least-privileged user account to back up data Creating backups Retrying backup creation Enabling backup encryption Backing up AD LDS (ADAM) Backing up cross-domain group membership Backing up distributed file system (DFS) data Backup scheduling Setting performance options Setting advanced backup options Using Forest Recovery Agent Unpacking backups Using e-mail notification Viewing backup creation results Getting started
Permissions required to use Recovery Manager for Active Directory Recovery Manager Console Icons in the user interface Getting and using help Configuring Windows Firewall Using Computer Collections Managing Recovery Manager for Active Directory configuration Licensing
Restoring data
Getting started with Active Directory recovery Managing deleted or recycled objects Restoring backed up System State components Using granular online restore Restoring AD LDS (ADAM) Selectively restoring Active Directory object attributes Restoring objects in an application directory partition Restoring object quotas Restoring cross-domain group membership Performing a restore without having administrator privileges Reports about objects and operations Using complete offline restore Offline restore implications Restoring SYSVOL authoritatively Performing a granular restore of SYSVOL Recovering Group Policy Restoring data from third-party backups Using the Extract Wizard Restoring passwords and SID history
Fault tolerance Consolidating backup registration data Monitoring Recovery Manager for Active Directory Recovering an Active Directory forest
Permissions required to use Forest Recovery Console Forest Recovery Console Managing a recovery project Install Active Directory from Media recovery method Install Active Directory recovery method Managing Forest Recovery Agent Rebooting domain controllers manually Specifying fallback IP addresses to access a domain controller Resetting DSRM Administrator Password Purging Kerberos Tickets Managing the Global Catalog servers Managing FSMO roles Manage DNS Client Settings Configuring Windows Firewall Forest recovery overview Selectively recovering domains in a forest Recovering SYSVOL Deleting domains during recovery Resuming an interrupted forest recovery Recovering read-only domain controllers (RODCs) Checking forest health Collecting diagnostic data for technical support
Bare metal forest recovery Using Management Shell Creating virtual test environments Using Recovery Manager for Active Directory web interface Appendices
Frequently asked questions Best practices for creating backups for forest recovery Best practices for recovering a forest Descriptions of recovery or verification steps Backup Wizard Online Restore Wizard Online Restore Wizard for AD LDS (ADAM) Group Policy Restore Wizard Repair Wizard Extract Wizard Events generated by Recovery Manager for Active Directory

Non-authoritative restore

In this section:

DIT Database

When restored non-authoritatively, settings and entries that existed in the domain, schema, configuration, and optionally the global catalog naming contexts maintain the version number they had at the time of backup. After the restored domain controller is restarted, the Active Directory replication updates the domain controller with the changes that were made to Active Directory since the backup time.



When restored non-authoritatively, the local copy of the SYSVOL that is held on the restored domain controller is updated with that of its replication partners. After the restored domain controller is restarted, it contacts its replication partners, compares SYSVOL information, and replicates the necessary changes, bringing its local copy of the SYSVOL up to date with the other domain controllers within the domain.

If the domain controller being recovered is the only functioning domain controller in the domain, a primary restore of the SYSVOL should be done. A primary restore builds a new replication service database by loading the data present under the SYSVOL onto the local domain controller. This method is the same as nonauthoritative except that the restored data is marked as the primary data.

Perform a primary restore only when all domain controllers in the domain are lost and you want to rebuild the domain from backup. Do not perform a primary restore if any other working domain controller in this domain is available. Use primary restore for the first domain controller, and then, later, use non-authoritative restore for all other domain controllers.

Authoritative restore

In this section:

Related Documents