10-05-2010 06:28 AM
Hi All
How I can restore single object of Mirocsoft Active Directory like "user account or OU" ,, I use Netbackup Enterprise server 7.0 ?
if we can restore single object ,please provide procedure.
thank you in advance.
Solved! Go to Solution.
10-05-2010 08:35 PM
problem was solved as follow
Restoring Active Directory objects
The following procedure describes how to restore objects from an Active Directory backup in a non-disaster recovery situation:
To restore individual objects from an Active Directory backup
The approach prevents the NetBackup catalog from unanticipated growth due to numerous granular entries.
When an Active Directory object is selected, the Restore Destination Choices are disabled in the General tab. Configure the other restore options as needed.
The Active Directory tab contains an option to recreate the objects that have been deleted: Recreatedeletedobjects thatcannotberestoredfrom the Active Directory Deleted Objects container.
Active Directory granular backups and recovery The Active Directory tab contains an option that lets administrators recreate the objects whose tombstone lifetimes have passed. The objects have also been purged from the Active Directory Deleted Objects container. To allow this capability, enable the option labeled Recreatedeletedobjects that cannot be restored from the Active Directory Deleted Objects container.
Restore issues
The following sections describe additional information about granular restores. Some situations require additional steps to fully restore the objects. In some situations, a granular restore of some part of the Active Directory is not possible. Restores that are disabled at times, when user and computer accounts are restored from a granular Active
Directory restore, they are disabled. The following topics describe possible reasons why the accounts can be disabled.
Deleted objects
When objects in Active Directory are deleted, they are removed from their current Active Directory or ADAM/ADLDS container. They are converted into tombstones and placed in the Active Directory Deleted Objects container where their tombstone lifetime is monitored. By default, NetBackup restores deleted objects from this container if the tombstone lifetime has not passed. After the tombstone lifetime passes, the tombstones are purged from the Active Directory Deleted Objects container. Purging the tombstones has the effect of permanently deleting the objects from the Active Directory and ADAM/AD LDS databases.
User objects
When restoring user objects, you must reset the object's user password and enable the object's user account:
In Active Directory, computer objects are derived from user objects. Some attributes that are associated with a computer object cannot be restored when you restore a deleted computer object. They can only be restored if the attributes were saved through schema changes when the computer object was originally deleted.
Computer objects
Computer object credentials change every 30 days and the credentials from the backup may not match the credentials that are stored on the actual computer. When a computer object is restored it is disabled if the userAccountControl property was not preserved in the deleted object.
Use the Microsoft Active Directory Users and Computers application to reset a computer object.
To reset a computer object's account
Group and member objects
To restore Active Directory group membership links may require that the restore job be run twice.
For example, consider the case where a group and its member objects are deleted. If a restore job contains both group objects and member objects, the job restores the objects in alphabetical order. However, the group that is restored has a link dependency on a member that does not exist yet. When the group is restored, the link cannot be restored.
Run the restore again to restore all forward and backward links.
Group policy objects
NetBackup does not support granularrestores of Group Policy Objects.
regards
10-05-2010 10:18 AM
Hi,
You'll need to configure GRT for active directory. This is a free component within NBU but you'll need to assign disk to act as a storage target.
Check out the NetBackup Admin Guide for Windows Chapter 28 i think.
R
10-05-2010 08:35 PM
problem was solved as follow
Restoring Active Directory objects
The following procedure describes how to restore objects from an Active Directory backup in a non-disaster recovery situation:
To restore individual objects from an Active Directory backup
The approach prevents the NetBackup catalog from unanticipated growth due to numerous granular entries.
When an Active Directory object is selected, the Restore Destination Choices are disabled in the General tab. Configure the other restore options as needed.
The Active Directory tab contains an option to recreate the objects that have been deleted: Recreatedeletedobjects thatcannotberestoredfrom the Active Directory Deleted Objects container.
Active Directory granular backups and recovery The Active Directory tab contains an option that lets administrators recreate the objects whose tombstone lifetimes have passed. The objects have also been purged from the Active Directory Deleted Objects container. To allow this capability, enable the option labeled Recreatedeletedobjects that cannot be restored from the Active Directory Deleted Objects container.
Restore issues
The following sections describe additional information about granular restores. Some situations require additional steps to fully restore the objects. In some situations, a granular restore of some part of the Active Directory is not possible. Restores that are disabled at times, when user and computer accounts are restored from a granular Active
Directory restore, they are disabled. The following topics describe possible reasons why the accounts can be disabled.
Deleted objects
When objects in Active Directory are deleted, they are removed from their current Active Directory or ADAM/ADLDS container. They are converted into tombstones and placed in the Active Directory Deleted Objects container where their tombstone lifetime is monitored. By default, NetBackup restores deleted objects from this container if the tombstone lifetime has not passed. After the tombstone lifetime passes, the tombstones are purged from the Active Directory Deleted Objects container. Purging the tombstones has the effect of permanently deleting the objects from the Active Directory and ADAM/AD LDS databases.
User objects
When restoring user objects, you must reset the object's user password and enable the object's user account:
In Active Directory, computer objects are derived from user objects. Some attributes that are associated with a computer object cannot be restored when you restore a deleted computer object. They can only be restored if the attributes were saved through schema changes when the computer object was originally deleted.
Computer objects
Computer object credentials change every 30 days and the credentials from the backup may not match the credentials that are stored on the actual computer. When a computer object is restored it is disabled if the userAccountControl property was not preserved in the deleted object.
Use the Microsoft Active Directory Users and Computers application to reset a computer object.
To reset a computer object's account
Group and member objects
To restore Active Directory group membership links may require that the restore job be run twice.
For example, consider the case where a group and its member objects are deleted. If a restore job contains both group objects and member objects, the job restores the objects in alphabetical order. However, the group that is restored has a link dependency on a member that does not exist yet. When the group is restored, the link cannot be restored.
Run the restore again to restore all forward and backward links.
Group policy objects
NetBackup does not support granularrestores of Group Policy Objects.
regards