Backup and recovery of the Microsoft Active Directory (AD) with CloudBerry Backup


Problem

In this article, we will overview how you can recover an Active Directory (AD) database with CloudBerry Backup for Windows.

Active Directory is a Microsoft product that consists of several services that run on Windows Server to manage permissions and access to networked resources. AD DS is a distributed database that stores and manages information about network resources as well as application-specific data from directory-enabled applications.

Microsoft Active Directory services use a database located on the file system of a domain controller. Further in the article, we will consider two possible network configurations:

  1. A network with only one domain controller (DC).
  2. There are more than one domain controller in a network and the information stored in the database is constantly replicated between multiple domain controllers

While the backup process doesn't vary much for these network setups, the restore process will be different.

Here’s how you perform a backup of the Active Directory using the image-based backup feature in CloudBerry Backup.


Resolution

How to backup the Microsoft Active Directory

Image-based backup allows the backup and recovery of the whole computer including the state and the structure of its drives and the operating system. Thus, it allows us to back up the domain controller’s system volume, boot volume, and the volumes where the AD database and transaction logs are located.

By default, the Active Directory database is located in the %systemroot%\NTDS folder (C:\Windows\NTDS) of a domain controller. Since the database and the transaction logs may be stored on different volumes make sure to include both in the backup.

When the backup is done - you have all the information required to recover the domain controller from scratch to new hardware (so-called bare metal recovery) with previously saved Active Directory settings.

How to recover the Microsoft Active Directory

Let’s consider several possible scenarios when you need to recover the Active Directory There was only one DC in the domain and this DC has crashed or when all domain controllers are lost. Active Directory database is corrupted and the AD service doesn’t start. Some critical files were accidentally deleted from the Active Directory.

Domain controller recovery

Here are the steps to recover the last or the only domain controller to new hardware:

  1. Install CloudBerry Backup for Windows on a server with similar hardware and create a bootable USB device.

  2. Boot your new server from this device. If you are not yet familiar with the Bare metal recovery process please refer to this step by step guide on how to perform it:

  3. Configure a Restore plan and make sure to select the latest available backup. This is especially important since all the information created since the last backup will be lost. Run the CloudBerry Backup Restore process.

NOTE: If your domain has only one domain controller, it is a good idea to run a backup at least daily.

  1. Let the Restore process complete.
  2. Reboot the computer and make sure the Active Directory service has started successfully.

Active Directory database recovery

If your AD database gets corrupted and the AD service doesn’t start - you need to recover only the database, no need to restore the whole server. If the AD database becomes corrupted on the file level rather than on the AD logic/schema level the way to recover it is to pull the corrupted files from the Image-based backup using Item-level restore option.

The AD database consists of the following files:

  1. NTDS.dit (database file)
  2. Edb.chk (checkpoint file)
  3. Edb*.log (transaction logs)
  4. Res1.log and Res2.log (reserve transaction logs)

By default, these files are located in the %systemroot%\NTDS folder.

The entire process will look like this:

  1. Reboot the domain controller into the Directory Services Restore mode and launch the CloudBerry Backup for Windows agent.
  2. Navigate to the Backup storage. On the left side of the window choose the storage with the image-based backup. When you click on the image-based backup in the left panel its content will appear in the right panel. Use the right-click to see the drop-down menu and choose the “File Level Restore” option.

  1. In the opened window you will see a file structure of your server. Navigate to a proper folder and choose a file to restore. Right-click on the file brings the “Restore to” option. When you hit it the pop-up window shows you your current file structure and you should choose the destination folder where to restore this file.

  1. Once you choose the destination folder and click the “Select folder” button the software will start the restore plan automatically.

If your domain has only one domain controller, it is a good idea to run a backup at least daily.

  1. Let the Restore process complete.
  2. Reboot the computer and make sure the Active Directory service has started successfully.

References:

Microsoft documentation

  1. Understanding the Active Directory logical model
  2. Windows Server 2008 R2 and 2008

Contact Us

https://git.cloudberrylab.com/egor.m/doc-help-kb.git