Verify Active Directory Restore
After the restore is completed, you can either restart the server in normal operation mode and perform basic verification, or continue with the advanced verification. The advanced option is not usually required, and should be used with caution, as incorrect use of the ntdsutil utility can corrupt the Active Directory database. Both processes are explained below.
Requirements
Caution: The registry editor bypasses standard safeguards, allowing settings that can damage your system, or even require you to reinstall Windows. If you must edit the registry, back up system state first, as described in this guide.
· You must log on at the local computer, or you must enable Terminal Services in Remote Administration mode on the remote domain controller.
· Credentials:
  · Basic: Domain Admins or local Administrator
  · Advanced: local Administrator
· Tool: NTBackup.exe
To perform basic Active Directory verification
1. After the restore operation completes, restart the computer in normal operational mode. Active Directory and the Certificate Server automatically detect that they have been recovered from a backup. They perform an integrity check and re-index the database.
2. After you are able to log on to the system, browse the directory. Verify that all of the user and group objects that were present in the directory prior to backup are restored. Similarly, verify that files that were members of a FRS replica set and certificates that were issued by the Certificate Server are present.
To perform advanced Active Directory verification
Caution: The registry editor bypasses standard safeguards, allowing settings that can damage your system, or even require you to reinstall Windows. If you must edit the registry, back up system state first, as described in this guide.
1. Immediately after performing the restore operation, restart the server in Directory Service Repair Mode.
2. After the system starts, log on using the local Administrator account.
3. Verify that the Active Directory is in a state consistent with having been recovered from a backup. To do this, check for a specific registry subkey.
In the Run dialog box, type Regedit and click OK.
4. In the registry editor, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS.
5. Check that the subkey called Restore In Progress is present. This subkey is automatically generated by Windows NT Backup, and indicates to the Active Directory service that the database files have been restored and that Active Directory service must perform a consistency check and re-index the next time the directory is started. This subkey is automatically removed upon completion of this check. Do not add or delete this subkey.
6. Use Ntdsutil.exe to check for the recovered Active Directory database files. At the command prompt, type ntdsutil and press ENTER.
7. At the ntdsutil: prompt, type files and press ENTER.
8. At the file maintenance: prompt, type info and press ENTER.
9. If the Active Directory files have been recovered successfully, you should see output listing the paths for the database, the backup directory, the working directory and the log directory, as well as a list of the log file names and file sizes. Do not select any other options.
10. After you confirm that Active Directory has been restored from the backup and that the registry subkey is present, restart the server in normal mode.
11. When the computer is restarted in normal mode, Active Directory automatically detects that it has been recovered from a backup and performs an integrity check and re-indexes the database. After you are able to log on to the system, browse the directory and verify that all user and group objects that were present in the directory prior to backup are restored.
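The checks in steps 3 through 9 can also be made read-only, without opening the registry editor or working at the interactive ntdsutil prompts. The following PowerShell script is an added example, not part of the original procedure. It assumes PowerShell is installed on the domain controller and that the info output labels the four paths as Database, Backup dir, Working dir and Log dir.

```powershell
# Added example: read-only checks for steps 3-9 of the advanced verification.
# Run as local Administrator after the restore, before restarting in normal
# mode. The script only reads; it never creates, edits or deletes anything.

$ntdsKey   = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS'
$markerKey = Join-Path $ntdsKey 'Restore In Progress'

# Steps 3-5: the subkey written by the backup tool must be present.
$markerPresent = Test-Path -LiteralPath $markerKey

# Steps 6-8: ntdsutil accepts its menu commands as arguments, so this is the
# same "files" then "info" sequence, followed by "quit" at both prompts.
$info     = @(& ntdsutil.exe files info quit quit 2>&1 | ForEach-Object { "$_" })
$exitCode = $LASTEXITCODE
$info     # show the raw output so the paths and log sizes can be read

# Step 9: confirm the four locations are reported.
# Assumption: these label strings match what "info" prints on this system.
$expected = 'Database', 'Backup dir', 'Working dir', 'Log dir'
$missing  = @($expected | Where-Object {
    $label = [regex]::Escape($_)
    -not ($info -match $label)
})

# Summary of what was found.
"Restore In Progress subkey present : $markerPresent"
"ntdsutil exit code                 : $exitCode"
if ($missing.Count -gt 0) {
    "Not found in info output           : $($missing -join ', ')"
}

if ($markerPresent -and $missing.Count -eq 0) {
    'Result: consistent with a completed restore. Continue with step 10.'
} else {
    'Result: review the restore before restarting in normal mode.'
}
```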