TechShizz | Tech Guides

Restore AD from backup

To restore AD using this Windows Backup Server needs to be running full backups of the drive with the NTDS.dit file on the DC.

 

To browse the backups/NTDS snapshots

 

Ntdsutil

Activate instance ntds

Snapshot

List all

 

Identify the backup and copy the GUID to be mounted

 

Snapshot>Mount {GUID}

 

You can browse the backup and copy things from it if needed. You can also mount the NTDS file within it.

Note the path of the NTDS.dit file within it for the next part.

 

Dsamain-dbpath c:\$SNAP_465746_VOLUME_C$\windows\ntds\ntds.dit -ldapport:5000

 

From a dsa.msc you can now "change domain controller" and look at do.contoso.local:5000 to mount the AD database.

 

To un-mount

 

Unmount {GUID}

 

Restore AD from directory service recovery mode

 

If an OU or user our group or any object is deleted from AD you will need to perform an authorities restore by rebooting into DRSM

 

Bcdedit /set safeboot dsrepair

 

Shutdown /r /t 0

 

Server reboots

 

To identify the backup again run

 

Wbadmin get versions

 

Copy the version   :dd/mm/yyyy-hh:mm

 

Run a non-authoritative restore

 

Wbadmin start systemstaterecovery -version:03/24/2015-18:22

 

Run an authoritative restore

 

Ntdsutil

Act inst ntds

authoritative restore subtree "ou=test,dc=contoso,dc=local"

 

 

Reset boot method

 

Bcdedit /deletevalue safeboot

 

Shutdown /r /t 0