cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Best way to Backup and restore a Domain Controller with Active Directory

Bob_Hagnen
Level 2

‎02-01-2007 01:53 PM

Hello everyone, I'm a newbie here so any input would be very helpful to me.

Here's the scenario. I am trying to restore a Domain Controller with Active Directory. So far, I've tried doing a complete full backup on a backup-to-disk folder and then creating an IDR bootable CD. With the help from the forums, I've managed to solve the network card issue and was able to connect to the folder. I even managed to completely restore all of the files, but I do get the error that says unable to Load hive 0X2 etc. I reboot the machine and it says that my Ntoskrnl is corrupt or missing.

Second option, I tried was to build a general Windows 2003 Server and then install BE 11D and then tried to do a Directory restore and I also get an error stating that I cannot replace the current Hive configuration.

Any ideas?

Thanks in advance

DC newbie
0 Kudos
9 REPLIES 9

David_Sanz
Level 6
Partner

‎02-01-2007 02:15 PM

DC

When yu are restoring the Active Directory in a domain controller (that is, its system state) you must reboot it in Active Directory recovery mode (pushing F8 when the Windows logo appears).

Regards
0 Kudos

Bob_Hagnen
Level 2

‎02-01-2007 02:44 PM

Ok, I will give that a try and post an update, but I presume that is for DR. What about IDR? Is there anyway that I can successfully backup and restore a Domain controller with AD through IDR?

Thanks

DC
0 Kudos

Bob_Hagnen
Level 2

‎02-01-2007 04:20 PM

ok, I tried going into directory restore mode and restored the system state, when I rebooted the machine I get the following error message:

Directory services could not start. The system cannot find the file specified (lsass.exe). Error status 0XC000000f

Anybody have any suggestions?

Thanks

DC
0 Kudos

Joshua_Small
Level 6
Partner

‎02-01-2007 06:54 PM

Hi Bob,

Honestly, IDR just automates a process you're capable of doing yourself. Follow these steps:

- Build a base Windows 2003 Server
- Apply the latest service pack, assuming that's what your backed up server is running
- Install Veritas
- Boot into Directory Services Restore Mode
- Restore BOTH System State and your whole C:

No shortcuts here, take that full path and you should be OK. Your error is likely due to the fact you restored your system state, but not the security directory associated with it, as found in other files on your C:.
0 Kudos

Bradley_Willads
Level 5
Employee Accredited Certified

‎02-01-2007 07:30 PM

Bob,

Joshua's comments will do the same thing that IDR is supposed to. However you don't need to go into Active Directory Recovery mode to do the restore. As long as the computer is still in a workgroup, restoring the C:\ and System State will go back normally.

When you perform your IDR, you are restoring the C:\ and the System State, correct? You do need to restore both items in order to do a full restore. If not, can you please post the exact error you are recieving?

On a side note, the only time you have to enter Active Directory Restore (Recovery) mode is when the computer is already a DC, and you need to restore specific objects back into Active Directory. This is called an Authoritative Restore.
0 Kudos

Bob_Hagnen
Level 2

‎02-02-2007 08:49 AM

Thanks for the tips guys,

I did restore the C drive and the system state but it came back up with that error that I posted earlier. I found out that it was file : NTDS.dit that was not present in the NTDS folder. I read something earlier somewhere that I needed to run a utility called NTDSutil, but I've lost the instructions on how to use this after restoring a domain controller with Active directory.

Also, will backup exec 11D run in Active directory restore mode? I found that it usually complains that some of the services are not running and won't connect to the media in Active Directory restore mode. Any idea?

Thanks

DC
0 Kudos

Bradley_Willads
Level 5
Employee Accredited Certified

‎02-02-2007 12:38 PM

Bob,

Thats interesting. I am assuming that the backup completed 100% successfully, correct?

During the backup did you choose the option to be able to restore individual items from the Active Directory database when you ran the backup? If so, can you please re-run the restore with that option deselected, and then run the restore again with IDR.

Symanticus
Level 6

‎04-21-2009 04:45 PM



Hi All,

The following is my Servers:

Server A - 1st DNS + DC (Schema Master role)
Server B - 2nd DNS+ Exc.Srv07 + DC (4 other FSMO role)

I'm about to migrate Server B into new similar hardware using Cold backup of BESRO 8.5.3 Recovery Disc, is this that the correct way to do the Windows Domain Controller + Exchange Server backup or is there any best practice in doing it ?

thanks.

0 Kudos

Symanticus
Level 6

‎05-23-2009 03:18 PM

OK, I've done my Backup and restoration using BESRO 8.5 to a different server, Serve B is now running using new hardware and now I'd like to reformat Server A this time without BE tools at all because it seems that it causes trouble than it solves  :|

as now Server B got AD, GC, 5 x FSMOs, and DNS AD, GC, 5 x FSMOs, and DNS already running all of them.

so the remaining steps are:

1. demote Server A
2. reformat it.
3. promote as DC + DNS
4. make it as GC

I found out that having all 5x FSMO roles in one server more convenient as my company only got one domain in a forest.

0 Kudos