Disaster Recovery - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

Disaster Recovery

Description:

Used to restore damaged Active Directory database from good System State backup ... USN by 100,000 for each day between time backup was taken and restored ... – PowerPoint PPT presentation

Number of Views:31
Avg rating:3.0/5.0
Slides: 23
Provided by: pbcc
Category:

less

Transcript and Presenter's Notes

Title: Disaster Recovery


1
Disaster Recovery
  • Chapter Fourteen

2
Backing up Active Directory
  • Important to make regular backups
  • Solid backup strategy
  • Helps things go smoother when something
    catastrophic does occur

3
Active Directory Backups
  • Backed up as part of System State
  • System state
  • Registry (always)
  • COM Class Registration database (always)
  • Boot files (always)
  • Certificate Services database (if Certificate
    Services is installed)

4
Active Directory Backups (continued)
  • System state
  • Active Directory (only on domain controllers)
  • SYSVOL directory (only on domain controllers)
  • Cluster service (if the server is part of a
    cluster)
  • IIS Metadirectory (if IIS is installed)
  • System files (always)

5
Backup Types
  • Normal backup
  • Differential backup
  • Incremental backup
  • System state
  • Always normal backup
  • Even if you select different backup type

6
Backing Up System State Data
7
Backups and the Tombstone Lifetime
  • Tombstone lifetime controls maximum age of backup
    that can still be restored
  • Backup that is older than tombstone lifetime
    cannot be restored
  • Windows Server 2003 does not allow you to restore
    it

8
Identifying Active Directory Corruption
  • Some corruption problems easy to identify
  • Domain controller displays message box at startup
  • Informs you of problem
  • Possible that problem can exist without it being
    obvious
  • Can run
  • Integrity check
  • Semantic check

9
Checking File Integrity
  • File integrity check
  • Performs low-level check of database file
  • NTDS.DIT
  • Determines if file formatted correctly
  • Checks overall structures of tables in database
  • Ensures that they are accessible and have correct
    columns

10
Checking Database Integrity
  • Semantic check
  • Verifies database at higher level than integrity
    check
  • Checks
  • Metadata
  • Up-to-dateness vectors
  • Other components

11
Recovering Active Directory
  • Soft recovery
  • Performed without user intervention
  • Changes in log file written to database
  • Restart fixes problems
  • Problems not fixed on restart
  • Perform soft recovery
  • Restore Active Directory from backup
  • Reinstall Active Directory
  • Perform repair of Active Directory database

12
Restore vs. Recover
  • Restore
  • Replace current copy (or part of it) with backup
    copy
  • Recover
  • Repair database
  • Return it to consistent state
  • Fix some sort of corruption

13
Soft Recovery
  • Performed automatically when domain controller is
    shut down incorrectly
  • Can also initiate soft recovery manually
  • First step to fix problems
  • Must be in Directory Services Restore Mode to
    manually perform soft recovery

14
Restoring Active Directory
  • If soft recovery fails
  • Try restore
  • Can be used when object is deleted from directory
  • Two types of restore processes
  • Non-authoritative restore
  • Authoritative restore

15
Non-authoritative Restore
  • Used to restore damaged Active Directory database
    from good System State backup
  • Made before database was corrupted
  • Older copy of database will be restored to domain
    controller
  • Changes made after backup was taken
  • Replicated from other DCs

16
Non-authoritative Restore (continued)
  • Usually performed when
  • Multiple domain controllers in domain
  • Single domain controller corrupted
  • Cannot use to restore deleted object

17
Authoritative Restore
  • Restore objects that were mistakenly deleted or
    modified
  • Increments objects USN by 100,000 for each day
    between time backup was taken and restored
  • Ensures that restored objects USN is highest
  • Will then be replicated to other domain
    controllers in domain

18
Restoring a System State Backup
19
Authoritatively Restoring SYSVOL
  • May need to authoritatively restore files in
    SYSVOL
  • Restore System State backup
  • Domain controller's local SYSVOL folder is
    overwritten
  • Next time domain controller restarts in normal
    mode
  • FRS attempts to perform full re-sync of SYSVOL
    folder

20
Authoritatively Restoring SYSVOL (continued)
  • Must perform additional steps to restore older
    version of SYSVOL

21
Reinstalling Active Directory
  • Only a valid option if
  • One other domain controller can supply current
    contents of Active Directory by replication
  • Willing to completely rebuild domain
  • Steps
  • Run DCPROMO to demote domain controller with
    corrupt database to member server
  • Run DCPROMO again to promote server to domain
    controller

22
Repairing Active Directory
  • Final option
  • Low-level rebuild of Active Directory database
  • Deletes any data that is not valid
  • Can only fix data that it can find
  • Use NTDSUTIL
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Disaster Recovery" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!