Performing an authoritative restore for Active Directory deleted objects or containers

Jul 4th, 2009

Just thought I should list the step-by-step process for performing an authoritative restore in Active Directory on Windows Server 2003. But first, a brief summary of the difference between an authoritative and a non-authoritative restore.

A non-authoritative restore is used after hardware failures or other software issues that result in the complete restoration of the directory services from backup.

An authoritative restore is used when a change or deletion of an object is made in Active Directory and the action/change has to be reversed. For example, a user mistakenly deletes an OU or a user object, then decides to reverse the action by restoring the OU or user object that was deleted.

Steps for performing an authoritative restore. In this scenario, I deleted an OU and a user and then restored both through the authoritative restore process.

Part I: Recover Active Directory from Backup

**A valid and current System State backup is required for this procedure.

1-Start the server [Domain Controller] and press F8 continuously until the “Advanced Options Menu” shows up.

2-From the Advanced Options Menu, choose Directory Restore Mode (Windows Domain Controllers Only) and press Enter

 
Steps 1-2


3-Choose your Windows OS (in this case Windows Server 2003) and press Enter

Step 3


4-Log in as Administrator using the restore mode password (this was created when DCPromo was run) and click OK to confirm that Windows is running in safe mode

5-Start NTBackup.exe [Start, Run, type ntbackup.exe; this will start the ntbackup process]

6-Select the Restore option, browse to the System State backup location, select the System State option and click OK.

7-After the restoration/AD recovery is complete, restart the server following steps 1-4 above

Part II: Perform Authoritative Restore

1-Open a command prompt [Start, Run, type cmd]

2-Type: ntdsutil

3-Type: authoritative restore

4-Type: restore subtree OU=WinXp,OU=Workstations,DC=OBEN,DC=ORG (**To restore the entire directory, use “restore database”)

steps 1-4


 

5-Click Yes on the pop-up and press Enter

steps 4-5


6-OU container successfully restored

authoritative restore completes


ADUC structure before I deleted the WinXP OU and after restoration

Before WinXP OU deleted and after WinXP OU restored


After I deleted the WinXP OU

After Delete WinXP OU and before Restoration
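
Besides looking in ADUC, the restore in Part II can be confirmed from the OU's replication metadata: by default ntdsutil raises the version number of each authoritatively restored attribute by 100,000 for each day since the backup. The script below is an added example, not part of the original post; it parses constructed sample text laid out like `repadmin /showobjmeta` output, and the function names and the 100,000 threshold are assumptions of the example.

```python
import re

# Assumption: ntdsutil's default version increase (not overridden with verinc).
DEFAULT_INCREMENT = 100_000

# One metadata row: Loc.USN, Originating DSA, Org.USN, date, time, Ver, Attribute
ROW = re.compile(
    r"^\s*\d+\s+(?P<dsa>.+?)\s+\d+\s+"
    r"(?P<when>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+"
    r"(?P<ver>\d+)\s+(?P<attr>\S+)\s*$"
)

# Constructed samples laid out like `repadmin /showobjmeta` output for the OU.
RESTORED = r"""
Loc.USN  Originating DSA               Org.USN  Org.Time/Date        Ver    Attribute
=======  ===============               =======  =============        ===    =========
  20512  Default-First-Site-Name\DC01    20512  2009-07-04 10:41:07  100001 objectClass
  20512  Default-First-Site-Name\DC01    20512  2009-07-04 10:41:07  100001 ou
  20512  Default-First-Site-Name\DC01    20512  2009-07-04 10:41:07  100002 name
"""
NOT_MARKED = r"""
  13896  Default-First-Site-Name\DC01    13896  2009-07-03 09:12:31  1 objectClass
  13896  Default-First-Site-Name\DC01    13896  2009-07-03 09:12:31  1 ou
  13901  Default-First-Site-Name\DC01    13901  2009-07-03 09:15:02  2 name
"""

def parse_objmeta(text):
    """Return one dict per attribute row; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({"attr": m["attr"], "ver": int(m["ver"]),
                         "dsa": m["dsa"], "when": m["when"]})
    return rows

def unmarked_attributes(text, increment=DEFAULT_INCREMENT):
    """Attributes whose version is below the authoritative-restore increase."""
    return [r["attr"] for r in parse_objmeta(text) if r["ver"] < increment]

def is_authoritative(text, increment=DEFAULT_INCREMENT):
    """True only if rows were parsed and every version carries the increase."""
    rows = parse_objmeta(text)
    return bool(rows) and all(r["ver"] >= increment for r in rows)

if __name__ == "__main__":
    for label, sample in (("restored", RESTORED), ("not marked", NOT_MARKED)):
        print(label, is_authoritative(sample), unmarked_attributes(sample))
```

An object that was restored from backup but not marked authoritative keeps its old, low version numbers, so replication from other domain controllers can overwrite or delete it again.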

