on 07-23-2013 03:01 AM
Dear All
I would like to provide you a simple HOWTO for backing up and restoring Active Directory with Symantec NetBackup
My Environment:
Master / Media Server = Windows 2008 R2 64 Bit
Active Directory = Windows 2008 R2 64 Bit
Symantec NetBackup Version = 7.5
Client = Windows 2008 R2 64 Bit
Assumption:
You have a running Master / Media Server and want to just Backup/Restore of Active Directory.
Important Point:
Master Server / Media Server and Client should resolve each other via DNS, here comes the Networking concepts which you can confirm it from your Network Administrator
Let us start with the steps.
Client Side Steps:
1. Add host entry of Media / Master Server on Active Directory Node.
2. Extract the Symantec NetBackup setup files, you will find the following files displayed in the Snapshot below. You can see the setup icon, double click and Install NetBackup Client on Active Directory node.
3. Follow the on screen instructions, I have installed with options of current system only with typical installation and further provided the name of Master / Media Server and started the Installation Process
Server Side Steps:
4. Add host entry of Client Node on Master / Media Server
5. Open Backup, Archive, and Restore
6. In File menu select "Specify NetBackup Machines and Policy Type" a Window will appear in which we will have to select the Server containing Backup just in case we have multiple Media Servers
Then we add client if this is for the first time any restore happening on the client by clicking "Edit Client List"
After addition of client the scroll list will have name of client, for me my Source and Destination is same therefore I am selecting "vsan" as it is my client hostname, further as we are restoring Active Directory the Policy type will be "Ms-Windows" and click OK.
7. After properly defining NetBackup Machine and Policy Type, click "Select for Restore" on the Backup, Archive, and Restore window which will bring the output of backups available of the client.
Mark the backup you will like to restore and the select the icon of "Start Restore of Marked Files" which will bring you the below snaped window. Choose accordingly as required and click "Start Restore" for Restore activity to start.
Hi Faisal,
This is very informative. Thanks for sharing.
Thanks Ajav for you gracious comment.
Some add'l items to consider:
Per Microsoft "Active Directory servers must be restored offline. The system must be restarted in Directory Services Restore mode. In this mode, the operating system is running without Active Directory Domain Services and all user validation occurs through the Security Accounts Manager (SAM) in the registry."
And:
"Nonauthoritative restore: Use this process to restore AD DS to its state at the time of the backup, and then allow Active Directory replication to update the restored domain controller to the current state of AD DS."
"Authoritative restore: Use this process to recover objects that have been deleted from AD DS. Authoritative restore does not allow replication to overwrite the restored deletions. Instead, the restored objects replicate authoritatively to the other domain controllers in the domain."
Either restore type requires first booting the domain controller into DSRM.
Good reading prior to attempting AD restores:
Introduction to Administering Active Directory Backup and Recovery
http://technet.microsoft.com/en-us/library/cc816677%28v=ws.10%29.aspx
Steps for Backing Up and Recovering AD DS
http://technet.microsoft.com/en-us/library/cc753359%28v=ws.10%29.aspx
- Performing a Nonauthoritative Restore of AD DS
http://technet.microsoft.com/en-us/library/cc730683%28v=ws.10%29.aspx
- Performing an Authoritative Restore of Deleted AD DS Objects
http://technet.microsoft.com/en-us/library/cc755296%28v=ws.10%29.aspx
Restart the Domain Controller in Directory Services Restore Mode Locally
http://technet.microsoft.com/en-us/library/cc816897%28v=ws.10%29.aspx
Restoring the System State on Windows
http://www.symantec.com/docs/HOWTO34578
How to Perform Authoritative restore
http://www.symantec.com/docs/TECH127788
System requirements for Active Directory granular NetBackup backups and recovery
http://www.symantec.com/docs/HOWTO86243
Restoring Active Directory from Backup Media
http://technet.microsoft.com/en-us/library/cc961934.aspx
Thanks for sharing. Very informative and very well explained.
Hello Faisal Saleem,
Hi This is Deleep Kumar, I have faseing problem with my AD, I dont know how to take back active directory in 2008 server. Pls help. i want to see last two years of user login & logout informastions.