Understanding the concept
Non-authoritative
restore method is used commonly when a DC failed because of a hardware or
software related reasons and this is the default directory services restore
mode selection. By default, the Backup tool operates in non-authoritative
restore mode, that is when you restore data by using the any of the backup
tools(Windows backup,NTBackup, Symantec BackupExec, Veritas etc) you are
restoring data non-authoritatively. When the domain controller is brought
online after a non-authoritative restore, it detects that the restored data
hasn't been updated since the backup was performed, and then it begins
receiving and applying updates through normal replication with its replication
partners. Therefore, any directory updates that occurred after the backup was
created are applied after restore as part of the normal replication process.
Replication reconstructs the replication metadata for the updates that
originated on the restored domain controller between the time the server was
last backed up and the time at which it is restored from backup.
Important: Make sure that you have the latest
System state and full server backup is available before performing this
operation.
Performing non-authoritative backup.
1.Reboot the server in Directory Services Restore Mode
You can
reboot the server in Directory Services Restore Mode
using three methods.
- If you can manually reboot the server press F8 at the time of boot to get the advanced boot option and select directory service restore mode, press ENTER.
- Edit the Boot Configuration Data (BCD). In order to edit the BCD open command prompt and type bcdedit /set safeboot dsrepair and press ENTER. Now restart the server and wait for this to come up.
- Edit the boot option from System configuration. Type msconfig in run and press ENTER->Under the Boot tab tick the check box safe boot and select Active Directory repair->Appy->OK and on prompt to restart select restart.
You can select any one of the above option to reboot the server in
directory service restore mode.(If the server is in remote location you can
prefer to have ii or iii option).
2.Wait a few minutes for the DC to reboot. You
can log on locally or remotely, but remember that you will need to supply the
DSRM password that you set when promoting the server to a DC. The username for
DSRM is Administrator and you may have
different DSRM password for different DC.
3.Once you logged on you can use the utility Wbadmin to manage the backup and restore
operations. It enables you to back up and restore your operating system,
volumes, files, folders, and applications from a command prompt. Each backups
that you have created using Windows server backup will have its own unique ID
and its generally named based on the date and time that the backup has
completed. You will restore the data based on the version of these backups.
Consider
that I have to recover my secondary DC(second server) and I already have the
latest backup of this server on my fist server(shared location: \\server-1\backuP of second server) or you
may have the backup on the same server itself. If your backup is in a remote
shared file make sure that there is no chances of network failures or copy the
backup to local drive and perform the recovery, because the connection issues
during this process makes the server become unusable.
On
command prompt type wbadmin get versions
and press ENTER.
I have
only one backup of the server . From the list, note down the version identifier of the latest backup that
you want to restore and for me the version identifier is 04/22/2014-15:40.
4.Now start the system state backup by the
below command,
Wbadmin start systemstaterecovery -version:<backup
version that you would like to restore> and press ENTER.
So in my
case the command will be Wbadmin start
systemstaterecovery -version:04/22/2014-15:40 and press ENTER.
This will
prompt you to confirm if you want to start with restore, type Y and press ENTER.
Important: Never try to interrupt the system
state recovery until it completes.
5.Wait for this process to complete. You will
see the status on the same command prompt window itself. Type YES and press ENTER to reboot the server when
it prompts.
6.If you were initiated the server to reboot
into directory service restore mode(DSRM) as
per the steps 1ii and 1iii the server will again boot into DSRM mode.
In order to boot the server as normal, after initial reboot login with DSRM
user name and password. You will have the below prompt now, press ENTER to
close the window.
Now
change the boot option of your server to normal.
If your option was as per the steps mentioned
in 1ii.
Open a command prompt and type bcdedit /deletevalue safeboot and press ENTER. You will have a
success message as below and you can reboot the server once again. Now it will
boot the server in normal mode.
If your option was as per the steps mentioned
in 1iii.
Type msconfig in run
and press ENTER->Under the Boot tab
tick the uncheck box safe boot ->Appy->OK and
on prompt to restart select restart.
Now that’s it the non-authoritative restore is
completed.
No comments:
Post a Comment