Windows 2000 Server Disaster Recovery Guidelines
Operating System White Paper
Abstract
System administrators must protect their networks from
both data loss and machine failure. After providing guidelines for developing
a disaster prevention and recovery strategy, this paper provides guidelines
for system disaster recovery of machines running Microsoft® Windows® 2000
Server. The intended audience for this paper is an administrator
with experience in backing up and restoring complex systems, who is also
familiar with Windows 2000, its Active Directory™ service, and related
features such as Active Directory replication, the system volume (Sysvol),
and the File Replication Service (FRS).
The quantity of data being stored on computer networks
has increased exponentially over the last decade. This data explosion shows
no signs of slowing down. In addition, the number of users supported
continues to increase, as does the complexity of network systems. In this
constantly growing and changing environment, the information technology
community must maintain mission-critical applications, prevent excessive
downtime, and manage increasing business dependence on computer systems.
System administrators must protect their networks from
both data loss and machine failure. This effort encompasses both routine
procedures performed on an on-going basis and non-routine steps taken to prevent
or recover from unexpected disasters. Some of the potential causes of failure include:
· Hard disk subsystem failure
· Power failure
· Systems software failure
· Accidental or malicious use of deletion or modification commands
· Destructive viruses
· Natural disasters (fire, flood, earthquake, and so on)
· Theft or sabotage
After outlining a strategy for developing a disaster
prevention and recovery procedures and listing new or enhanced Windows 2000
file system, data storage, and
The intended audience for this paper is an administrator
with experience in backing up and restoring complex systems, who is also
familiar with Windows 2000, its Active Directory™ service, and related
features such as Active Directory replication, the system volume (Sysvol),
and the File Replication Service (FRS). For detailed technical information
about these topics, see the section "For More Information" at the
end of this paper.
You should develop and thoroughly test a backup and
recovery plan before moving any operating system or application from a
development or testing environment into a production environment. When
testing, you should look for vulnerable areas by simulating as many possible
failure scenarios as you can.
For each operating system and application you introduce
to your environment, you should answer the following questions:
· What are the possible failure scenarios?
· What is the critical data?
· How often should you perform backups?
· When should you perform a full backup versus an incremental or differential backup?
· To what medium will you send the backup (tape, diskette, disk)?
· Will you perform backups online (while users are working) or offline?
· Will you do the backups manually or schedule them to be done automatically?
· If the backup is automated, how will you verify that it successfully occurred?
· How will you ensure that the backups are useable?
· How long will you save the backups before reusing the medium?
· Assuming failure, how much time will it take to restore from the most recent backup? Is that an acceptable amount of downtime?
· Where will you store the backups, and do the appropriate people have access to them?
· If the responsible system administrator is gone, is there someone else who knows the proper passwords and procedures to do backups and, if necessary, to restore the system?
You should answer these questions for each production
environment you manage. However, this is not a complete list—you must
determine other questions specific to your particular situation.
Here are some guidelines for developing an effective
backup strategy. Again, you should adapt and expand these suggestions to suit
your organization's requirements and goals.
· Develop backup and restore strategies with appropriate resources and personnel, and test them. A good plan ensures that you can quickly recover your data if it is lost.
· Give the responsibilities of backup and restore to an administrator.
· Back up an entire volume to prepare for the unlikely event of a disk failure—this lets you restore the entire volume in one operation.
· Back up the directory services database (Active Directory) to prevent the loss of user account and security information. This must be done locally.
· Each time the Backup utility completes a backup, it creates a log of the backed-up files. Print this backup log each time you perform a backup. Keep a book of logs to make it easier to locate specific files. The backup log is helpful when restoring data; you can print it or read it from any text editor. In addition, if the tape containing the backup set catalog is corrupted, the printed log can help you locate a file.
· If, while a backup is taking place, a file is being used (opened exclusively) by another application, that file will not be backed up. Any file that is not backed up for this reason appears in the log. It is extremely important to understand which files are not being backed up and why—you use the logs to determine this.
· Keep three copies of the backup media. Keep at least one copy offsite in a properly controlled environment.
· Perform a trial restoration periodically to verify that your files were properly backed up. A trial restoration can uncover hardware problems that do not show up with software verifications.
· Secure both the storage device and the backup media to prevent an administrator for another server from restoring stolen data onto your server.
Windows 2000 Server introduces a number of new or
enhanced file system, data storage, and
Caution It is important to understand that these
features require the use of backup products that are aware of the new
capabilities built into Windows 2000, such as those introduced with the
updated NTFS 5.0 file system. Running third-party backup products designed
for Windows NT 4.0 could cause loss of data. Check with your backup vendor to
ensure that all backup products are Windows 2000 compliant.
New or Enhanced NTFS-related Features:
· NTFS reparse points
· NTFS directory junctions
· NTFS volume mount points
· NTFS sparse files
· NTFS change journal
· Encrypting File System (EFS)
· Distributed link tracking and object ids
New or Enhanced Storage or Storage-related Features:
· Volume management
· Disk quotas
· Single Instance Store (SIS)
· System File Protection (SFP)
· Removable Storage
· Remote Storage
· Distributed File System (Dfs)
· Indexing Service
New or Enhanced
· System boot files
· Registry
· COM+ Class Registration database
· Performance counters
· Certificate Services database
· System Volume (Sysvol) directory
· Active Directory
· Cluster database
· File Replication Service (FRS)
For detailed technical information about each of these
features, see the section "For More Information" at the end of this
paper.
Windows 2000 includes a completely rewritten backup
utility. The new graphical user interface (GUI) calls this utility Backup,
but to invoke it from the command line, you type ntbackup. Backup helps
protect data from accidental loss due to hardware or storage media failure.
The updated Backup utility is integrated with the core
Windows 2000 Server distributed services, which include Active Directory,
File Replication Service (FRS), and Certificate Services. Active Directory
and FRS can exist only on a Windows 2000 domain controller, not on a member
server. This integration means that—when run locally on a domain
controller—Backup lets you back up or restore these services by checking the
With Windows 2000, data can be backed up to a tape
drive, a logical drive, a removable disk, or to an entire library of disks or
tapes organized into a media pool and controlled by a robotic changer.
Backup's new interface includes backup and restore
wizards, property sheets for media pools, and direct access to My Network
Places via Active Directory. Backup lets you perform the following tasks:
· Back up selected user files and folders located on your hard disk.
· Back up your computer's
· Restore backed-up files and folders to your hard disk or to any other disk you can access (with the exception of some
· Schedule regular backups to keep your backed-up data up-to-date.
· Make a copy of Remote Storage data and any data stored on mounted drives.
· Create an Emergency Repair Disk (ERD), which helps you repair system files if they become corrupted or are accidentally erased.
Windows 2000 Backup offers three wizards:
· Backup Wizard. Helps you create a backup of your programs and files to help prevent data loss and damage caused by disk failures, power outages, virus infections, and other potentially damaging events.
· Restore Wizard. Helps you restore your previously backed-up data in the event of a hardware failure, accidental erasure, or other data loss or damage.
· Emergency Repair Disk. Helps you create an Emergency Repair Disk (ERD) that you can use to repair and restart Windows if it is damaged. This option does not back up your files or programs, and it is not a replacement for regularly backing up your system.
To open Backup, click Start, click Programs,
click Accessories, click System Tools, and then click Backup.
You should see the screen shown in Figure 1.
Figure 1 Starting the Backup utility
Click the Backup Wizard button and follow the
onscreen instructions.
Creating an Emergency Repair Disk
On the Backup utility's Welcome screen, the third choice
(in addition to Backup Wizard and Restore Wizard) is Emergency
Repair Disk. You can use Backup to create an Emergency Repair Disk (ERD)
to help repair problems with your system files (if they are accidentally
erased or become corrupt), your startup environment (if you have a dual-boot
or multiple-boot system), or the partition boot sector on your boot volume.
Make sure you have a blank 1.44 MB floppy disk, and then
start the ERD wizard and follow the prompts.
Important When you create an ERD, information about
your current system settings is saved in the systemroot\repair folder. Do not
delete or change this folder, or you may not be able to repair problems with
your system.
This section provides information that you must
understand before you use the Windows 2000 Backup utility.
Maintaining the Boot Configuration
As soon as you successfully install Windows 2000, back
up the
Never delete Boot.ini, Ntldr, Bootsect.dos, Ntdetect.com, or Ntbootdd.sys (if Windows is
installed on a SCSI disk) in the root directory of the system volume. If
these hidden system files are deleted, Windows will not start.
Backing Up and Restoring
When you choose to back up (or restore) the System
State, all of your computer's System State data is backed up or restored
together as a set. You cannot choose to back up (or restore) individual
components of the Active Directory
When restoring System State, your recovery plan should
take into account the fact that the age of the backup tape should not exceed
the Active Directory Tombstone Lifetime (this is the length of time that
deleted objects are maintained in Active Directory before the system
permanently removes them; the default is 60 days). If a tape older than the
tombstone is restored, the restore APIs will reject all of the data as out of
date. Backups must be done on a regular basis
Backup and restore operations are performed by the
following types of users:
· Data. Members of the Backup Operators group can back up and restore data. The Backup Operators group is one of the built-in groups provided by Windows 2000. Any domain user or group granted the user rights Back up files and directories and Restore files and directories can also back up and restore data. To grant a user (or, more typically, a group) these backup and restore rights, use the Group Policy snap-in, which is accessed through the Active Directory Users and Computers tool.
By default, backup files have the extension .bkf. However, you can
use any extension you like.
You can use Backup to back up and restore data on either
FAT or NTFS volumes. If you back up data from an NTFS 5 (Windows 2000 NTFS)
volume, you should in most cases restore the data to an NTFS 5 volume. If you
restore the data to a FAT or Windows NT 4.0 or earlier NTFS volume, you will
lose certain file and folder features and you could lose data as well. For
example, file permissions, EFS settings, disk quota information, mounted
drive information, and Remote Storage information will be lost.
Note File permissions should be restored only if the files
are restored to a computer in the same domain as that of the original owner's
account.
Administrators and backup operators can back up (and
restore) encrypted files and folders without decrypting them.
Methods for Restoring Replicated Data
There are three different ways to restore replicated
data:
· Non-authoritative restore (default). A non-authoritative restore results in the restored data (which may be out-of-date) becoming synchronized with the data on other domain controllers through replication. That is, data from non-failed domain controllers is replicated to the newly restored domain controller. Most restores are non-authoritative. This type of restore is used to provide a start point (the point of time at which backup was taken) for data replication to minimize the replication traffic on the network—only changed data (rather than the entire directory) is replicated. In the absence of this start point, all data would be replicated from other servers.
· Authoritative restore. In contrast, an authoritative restore causes the restored domain controller's replicated data to be authoritative in relation to its replication partners. Such a restore is unusual, but, when used, has the effect of rolling back the entire network to the point in time of the backup. This action may be used to restore erroneously deleted information of a replicated set of data.
· Primary restore. Use this type of restore when the server you are trying to restore is the only working server of a replicated data set (the Sysvol, for example, is a replicated data set). Typically, perform a primary restore only when all the domain controllers in the domain are lost, and you are trying to rebuild the domain from backup. Select primary restore for the first domain controller and non-authoritative restore for all the other domain controllers.
Table 1 shows which type of restore applies to which
type of replicated data:
Table 1 Use the appropriate restore method for each type
of replicated data.
Note 1 To accomplish this, use the Ntdsutil
utility after performing the restore process (where to find Ntdsutil and how
to do this procedure are described later in this paper).
Note 2 To accomplish this, restore the data to an
alternative directory and manually copy the data back to the original directory.
The copy will then be the latest source, and it will be propagated to all
replicas.
Note 3 To accomplish this, use the Clusrest
utility (found in the Windows 2000 Server Resource Kit). This will copy the
restored quorum data to the quorum disk.
The non-authoritative, authoritative, and primary
methods for restoring replicated data are described in detail below in the
section "Restoring and Reconciling Server Services."
Important It is critical to practice restoration to
ensure the process works in the case of a real emergency.
The restore procedure can be time consuming, depending
on the type of media and drive you use. A number of fault tolerant options
are available to help avoid machine failure. Consider implementing one or
more of these options, especially on a server providing critical service. For
example, you can implement a mirrored volume for the boot volume or a RAID-5
volume for data volumes. For more information about mirrored volumes,
RAID-5, and other fault tolerant options, see "For More
Information."
During the course of the restoration process, you may be
asked for several pieces of information, depending on the configuration of
the hardware, the product you are running on the computer, and the services
you have running. Because the computer is down at this point, you have
no way to reconstruct this information, so it is important to have it written
down or printed out before a disaster occurs. Table 2 lists the required
information.
Table 2 Required information to perform a successful
restore.
This section provides a flowchart that shows the steps
you perform in the event of a hard disk failure, when you must restore the
machine from the ground up. You use the restore wizard provided by the Backup
tool to restore the system to an operational state.
Note Using the restore procedure for copying a system from
one machine to another is not recommended. To perform an upgrade, use the
distribution media.
Flowchart Showing System Restoration
The flowchart in Figure 2 outlines the steps for
restoring a system from a state of complete failure to a known point in time.
The flowchart outlines the system restore process at a general level. The
details of the processes and applications involved are discussed in the
following sections.
Figure 2 Steps to restore a system from a state of
complete failure to a known point in time.
If you have to perform a restore, several server
services require special attention to make them operational. Table 3 lists
the services that require additional effort. The subsections that follow the
table provide additional information about restoring each service. The final
subsection tells you how to verify the successful restoration of distributed
services.
Table 3 How to handle server services when performing a
restore
On a TCP/IP network, the Windows Internet Naming Service
(WINS) dynamically maps IP addresses to computer names (NetBIOS names).
Because of this, WINS lets users access resources by name, instead of
requiring them to use IP addresses that are difficult to recognize and
remember. WINS servers support clients running Windows NT 4.0 and earlier
versions of Microsoft operating systems.
When a server receives a request from a client machine
asking for a mapping from a friendly name to an IP address, WINS responds.
When a restore is completed, the WINS database is restored, but this database
may be out-of-date because the information on the network is dynamic. The
database updates itself over time and within a day or two should be
consistent. During this time, some name requests may go unanswered or contain
incorrect mappings. If the WINS database is replicated among several WINS
servers (the recommended procedure), you should initiate replication, which
synchronizes the database with the up-to-date server. If no other server is
available, it is best to let the database synchronize on its own.
The Dynamic Host Configuration Protocol (DHCP) is a
networking protocol that offers dynamic configuration of Internet Protocol
(IP) addresses for computers. DHCP ensures that address conflicts do not
occur and helps conserve the use of IP addresses through centralized
management of address allocation.
The DHCP server allocates IP addresses and other network
configuration information to DHCP-aware network clients. Using DHCP is the
most common way to distribute IP addresses in a modern network. The DHCP
database is restored by the recovery process. However, the database will be
out of date back to the date the backup was performed, and this can result in
the issuing of duplicate IP addresses. Having duplicate addresses causes
those machines to cease all network operations. To avoid this, DHCP has a
"safe mode of operations." In this mode, DHCP broadcasts on the
network to verify that the IP address it is about to issue is not already in
use. After a restore, the database should be reconciled and safe mode should
be entered for a period of one-half of the IP lease duration. Because this
mode significantly reduces network and server performance and because entering
safe mode for this period of time is sufficient to ensure that DHCP functions
properly, Microsoft recommends that you quit this mode as soon as the
one-half lease duration is met.
To reconcile the DHCP database, choose the Action
menu from the DHCP snap-in and select Reconcile while the scope is
highlighted. Then, choose Conflict Detection in the scope properties
under Advanced and set the number of attempts to 1.
The Remote Storage service (the Windows 2000 version of
Hierarchical Storage Management) frees up disk space by moving data from the
local hard disk to a remote storage device (such as tape) from which it can
be recalled whenever needed. Users still see and access the data without
knowing that it has been archived.
The Remote Storage service cannot recall its database
from the Remote Storage tape during the restore operation unless the Remote
Storage tape is in the correct drive, that is, the drive configured to be the
Remote Storage device or in the robotic library. If any issues with the
service exist, the tapes will restore by using the database copy that it
stores on the tape. This is an automatic process that requires no user
intervention.
Certificate Services is the Windows 2000 service that
issues certificates for a particular Certificate Authority. It provides
customizable services for issuing and managing certificates for the
enterprise.
After performing a restore operation, you do not have to
take any special steps for the Certificate Server service. However, on the
network, certificates may exist that were issued prior to the restore
operation. Although the Certificate Server service is now unaware of these
certificates, they are valid and will continue to function.
Internet Information Services (IIS) is a set of software
services that support Web site creation, configuration, and management, along
with other Internet functions.
If you perform a complete system restore, you do not
need to take additional steps to restore IIS. If you perform a partial
restore of a file only, you may need to use the IIS MMC snap-in to restore
the IIS database. You can find instructions about how to do this in the IIS
help pages.
The two methods to restore Active Directory are a
non-authoritative restore (the default) and an authoritative restore. The
authoritative restore can be done only following a regular
(non-authoritative) restore and you must use the Ntdsutil utility to
accomplish it. Therefore, the default (non-authoritative) restore process is
the only option that Ntbackup provides for restore.
Note In order to restore Active Directory while in Directory
Services Restore Mode (described next), you must have Local Administrator
credentials.
Non-Authoritative Restore
Use these steps to perform a non-authoritative restore
of Active Directory:
1. Boot into Directory Services Restore Mode. This ensures that the directory is offline. In order to do this, during the normal boot menu (Please select the operating system to start) while restarting the computer, notice the message at the bottom of the screen: For troubleshooting and advanced startup options for Windows 2000, press F8. Do so, and then select Directory Services Restore Mode from the Safe Mode and Other Startup Options list.
2. Select the Windows 2000 operating system and log on with the standalone server's local administrator account.
3. When a dialog box warns you that you are in Safe Mode, click OK.
4. When the computer starts (you should see "Safe Mode" on all four corners of the desktop), start the Backup utility (click Start, then Programs, Accessories, System Tools, and Backup).
5. Click the Restore Wizard button to start the restoration process. Click Next.
6. At the Restore Wizard screen, called "What to Restore," expand File, expand the appropriate Media created <date> at <time> entry (probably the most recent one), and then checkmark the System State entry (if you had backed up individual files or folders at the same time you backed up System State, you should also check the drive those files are on). Click Next.
7. Click the Advanced button and select any other options you wish.
8. Click Finish.
9. When you are prompted to restart the computer, click No if you wish to perform an Authoritative Restore of Active Directory objects (see next subsection).
10. Close the Backup utility.
Authoritative Restore
To authoritatively restore Active Directory data, you
need to run the Ntdsutil utility after you have non-authoritatively restored the
You can find help for how to use the Ntdsutil utility by
typing ntdsutil /? at
the command prompt. For additional information about Ntdsutil, refer to
Windows 2000 online Help.
When reading the steps described in the example below,
assume that the administrator has inadvertently deleted an organizational
unit (OU) called Marketing in a domain called Antipodes.com. Both "
When restoring a domain controller's System State in
Safe (Active Directory Restore) Mode in the last subsection, the last step
was to click No (if you want to perform an Authoritative Restore) when
prompted to restart the computer. Continuing from that point, here are the
steps to authoritatively restore Active Directory objects:
1. From the Start menu, point to Programs, point to Accessories, and click Command Prompt.
2. At the command prompt, type ntdsutil.
3. At the NTDSUTIL prompt, type authoritative restore.
4. At the authoritative restore prompt, type restore subtree OU=Marketing,DC=
Figure 3 Performing an Authoritative Restore.
5. You should see the message "Authoritative Restore completed successfully."
6. To exit the authoritative restore prompt, type quit. To exit the Ntdsutil prompt, type quit. To exit the command prompt, type exit.
If you wish to perform advanced Active Directory
verification, you must remain in Safe Mode while you do so (see
the section called "Performing Advanced Verification (Optional),"
later in this document, for instructions). However, typically you would just
reboot and log on normally at this point.
Note While authoritatively restoring an object using
Ntdsutil, the leaf objects are also authoritatively restored.
Caution Many applications depend on Active
Directory as a source of data, such as user account information and
distributed file system (Dfs) references. If the database is rolled back, it
can result in loss of this data. Some of this data, such as user accounts,
cannot be restored once lost. Therefore, an authoritative restore should be
performed only by an experienced administrator.
The Sysvol is a replicated data set that contains the
policies and scripts that are used by Active Directory. Sysvol uses Windows
2000 file replication for distribution throughout the network. The three
options for Sysvol restore are identical to the options for file replication:
the primary, non-authoritative (the default), and authoritative restores.
Note Although typically you restore Sysvol and Active
Directory together, this paper explains them separately in order to clarify
the issues involved for each process.
Primary Restore
Perform a primary restore when all domain controllers in
the domain are lost and you want to rebuild the domain from backup (do not
perform a primary restore if any other working domain controller in this
domain is available). Use primary restore for the first domain controller,
and then, later, select non-authoritative restore (described next) for all
other domain controllers.
A primary restore builds a new FRS database by loading
the data present under Sysvol onto the local domain controller.
To perform a primary restore, use the Backup utility to
restore the System State (described above), select the Advanced option
to access the Advanced Restore Options dialog box, and then select the
checkbox When restoring replicated data sets, mark the restored data as
the primary data for all replicas, as shown in Figure 4.
Figure 4 Select this option to select Sysvol primary
restore mode.
Important If this domain controller is a member of
FRS replica sets other than the Sysvol replica set, those other replica sets
will also be restored as primary. If you want to restore only the Sysvol
replica set, select the option as shown in Figure 4, and then, after the
restore is complete, delete the other replica sets.
Non-authoritative Restore
Perform a non-authoritative (normal) restore when at
least one other domain controller in the domain is available and working (do not
perform a non-authoritative restore when this domain controller is the only
domain controller in the domain). You use a non-authoritative restore when
you want this domain controller to receive the Sysvol data from a non-failed
domain controller. A non-authoritative restore ignores all the Sysvol data
that is restored locally. After reboot, FRS receives all the Sysvol data from
its inbound partner domain controllers. After the non-authoritative restore
completes, the Sysvol tree on the local machine is the mirror image of the
Sysvol tree on the inbound partners.
To perform a non-authoritative restore, use the Backup
utility to restore the
Authoritative Restore
Perform an authoritative restore when you have
accidentally deleted critical Sysvol data from the local domain controller
and the delete has propagated out to other domain controllers (do not
perform an authoritative restore if the local domain controller is not a
working domain controller or if it is the only domain controller in the
domain). You can perform an authoritative restore of Sysvol only on a working
domain controller (that is, changes to Sysvol are replicating from this domain
controller to other domain controllers).
An authoritative restore replicates any changes made to
the current Sysvol tree to its outbound replication partners.
Use these steps to perform an authoritative restore of
the Sysvol:
1. Use Ntbackup to restore the
2. Use Ntdsutil to authoritatively restore Active Directory (described earlier). This step is required because it is always advisable to restore Active Directory along with Sysvol, so that they are not out of sync.
3. Reboot the system to normal mode and allow the Sysvol to be published (this may take several minutes).
4. Copy the old Sysvol (from the alternative location) over the existing one.
Important You should always authoritatively restore
the Sysvol whenever you authoritatively restore Active Directory, and
vice-versa. This ensures that the Sysvol and Active Directory are in sync.
Verifying Distributed Services Restoration
Two methods to verify Active Directory restoration
exist, called basic verification and advanced verification.
Basic verification also includes verifying that FRS and Certificate Service
restoration completed successfully. Advanced verification is optional and can
usually be omitted. However, if you wish to perform advanced verification,
you must do it first.

Performing Advanced Verification (Optional)

Advanced verification is not usually required for normal
recovery operations. Incorrect usage of the utility described in this
subsection may corrupt the Active Directory database, which means you will
have to restore the database from backup again.

Whether or not you performed an authoritative
restore, follow these steps to perform an advanced verification:

Note: Before you perform these steps, ensure that you are in
Directory Services Restore Mode.

1. Click Start, click Run, type regedit, and then click OK.
2. Select the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS. Check that there is a subkey
called Restore In Progress. This key, automatically generated by
Backup, indicates to Active Directory that the database files have been
restored and that it should perform a consistency check and re-index the next
time the directory is started. This key is automatically removed upon
completion of this check—DO NOT ADD or DELETE this key manually.
3. Close regedit.
4. To check for the recovered Active Directory
database files using the utility Ntdsutil, click Start, then click Programs,
and then click Command Prompt. At the command prompt, type ntdsutil.
5. At the Ntdsutil prompt, type files. At the file
maintenance prompt, type info. If the Active Directory files have been recovered
successfully, you should see information similar to that shown in Figure 5
below. DO NOT SELECT ANY OTHER OPTIONS.

Figure 5. Performing advanced verification.

6. To exit the file maintenance prompt, type quit. To exit the
Ntdsutil prompt, type quit. To exit the DOS prompt, type exit.
7. Restart the server in normal mode, log on
to the system normally, and then perform basic verification (described next).

Performing Basic Verification

Basic verification consists of initiating automatic
steps by rebooting and logging on normally and then confirming that the
restored distributed services are in a state consistent with a successful
restoration:

1. Restart the computer. After you complete
the restore operation and restart the computer normally, Active Directory
will automatically detect that it has been recovered from a backup, will
perform an integrity check, and will re-index its database. Both Active
Directory and FRS will be brought up-to-date from their replication partners
using the standard replication protocols for each of those services.
2. Confirm distributed services successfully
restored. You should be able to browse the directory and confirm that all
the user and group objects that were present in the directory prior to backup
were restored. Similarly, confirm that files that were members of an FRS
replica set and certificates that were issued by the Certificate Service are
present.
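
The advanced verification steps above (the Restore In Progress registry check and the Ntdsutil files/info query) can be run as a read-only batch script. This is an added example, not part of the original white paper. It assumes reg.exe is available (on Windows 2000 it ships in the Support Tools) and relies on the SAFEBOOT_OPTION environment variable being set to DSREPAIR in Directory Services Restore Mode.

```batch
@echo off
rem Added example: read-only form of the advanced verification steps.
rem Assumption: reg.exe is on the PATH (Support Tools on Windows 2000).
setlocal

rem The steps must be run in Directory Services Restore Mode.
rem Safe-mode boots set SAFEBOOT_OPTION; this script relies on the
rem value DSREPAIR being set for Directory Services Restore Mode.
if /i not "%SAFEBOOT_OPTION%"=="DSREPAIR" (
    echo Not in Directory Services Restore Mode. Stopping.
    exit /b 1
)

set "NTDSKEY=HKLM\SYSTEM\CurrentControlSet\Services\NTDS"

rem Query only. The key is created by Backup and removed by Active
rem Directory itself; it must never be added or deleted by hand.
reg query "%NTDSKEY%\Restore In Progress" >nul 2>&1
if errorlevel 1 (
    echo "Restore In Progress" subkey not found under %NTDSKEY%.
) else (
    echo "Restore In Progress" subkey present: consistency check and re-index pending.
)

rem Non-interactive equivalent of typing: ntdsutil, files, info, quit, quit.
rem No other file maintenance command is issued.
ntdsutil files info quit quit

endlocal
```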
In recent years, many networks have expanded both in
terms of the number of machines included in the network and the amount of
data stored on network computers. One major task of administrators is to
protect data from accidental loss due to hardware or storage media failure.

After providing guidelines for developing a disaster
prevention and recovery strategy and listing new or enhanced Windows 2000
file system, data storage, and

For the latest information on Windows 2000 Server, check
out our Web site at http://www.microsoft.com/windows/server,
and the Windows NT Server Forum on MSN™ at http://computingcentral.msn.com/topics/windowsnt.

In addition, you can look at the following sources for
more information:

· File and Print Services Technical Overview white paper
(http://www.microsoft.com/TechNet/prodtechnol/windows2000serv/evaluate/featfunc/fileprin.asp)—for
information about new or enhanced NTFS and storage-related
features, including the File Replication System (FRS).

· Enterprise Class Storage in Windows 2000 white paper
(http://www.microsoft.com/TechNet/prodtechnol/windows2000serv/evaluate/featfunc/storage.asp)—for
an in-depth description of key enhancements to the Windows 2000 storage
architecture.

· Development Considerations for Storage Applications in Windows 2000
(http://www.microsoft.com/WINDOWS2000/library/howitworks/fileandprint/stordev.asp)—for
information about how new Windows 2000 features and enhancements affect
storage applications, including how storage application developers can
support and exploit storage-related features in the applications they design.

· Active Directory Architecture white paper
(http://www.microsoft.com/TechNet/win2000/win2ksrv/technote/adarch.asp)—for
information about Active Directory, including Active
Directory replication, LDAP distinguished names, and more.

· "Active Directory Replication" chapter in the Windows
2000 Server Resource Kit (scheduled to be published by Microsoft Press in
the first half of the year 2000; also located on the Windows 2000 Server,
Advanced Server CDs as part of Support Tools)—for in-depth information about
Active Directory replication.

· "Active Directory Backup and Restore" chapter
in the Windows 2000 Server Resource Kit (scheduled to be published by
Microsoft Press in the first half of the year 2000; also located on the
Windows 2000 Server, Advanced Server CDs as part of Support Tools)—for
in-depth information about restoring Active Directory, including
non-authoritative and authoritative restores.

· "Planning a Fault-Tolerant Disk Configuration"
section in the chapter "Planning a Reliable Configuration" in the Windows
2000 Server Resource Kit (scheduled to be published by Microsoft Press in
the first half of the year 2000; also located on the Windows 2000 Server,
Advanced Server CDs as part of Support Tools)—for information about mirrors,
RAID-5 and other fault tolerance strategies.

· "Backup" and "Repair, Recovery, and
Restore" chapters in the Windows 2000 Server Resource Kit
(scheduled to be published by Microsoft Press in the first half of the year
2000; also located on the Windows 2000 Server, Advanced Server CDs as part of
Support Tools)—for additional information about Windows 2000 backup and
recovery procedures, including recovering Remote Storage data.

© 2000 Microsoft Corporation. All rights reserved.

The information contained in this document represents
the current view of Microsoft Corporation on the issues discussed as of the
date of publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of
Microsoft, and Microsoft cannot guarantee the accuracy of any information
presented after the date of publication.

This white paper is for informational purposes only.
MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.

Microsoft, Active Desktop, BackOffice, the BackOffice
logo, MSN, Windows, and Windows NT are either registered trademarks or
trademarks of Microsoft Corporation in the United States and/or other
countries.

Other product and company names mentioned herein may be
the trademarks of their respective owners.

Microsoft Corporation • 0200

1 Active Directory naming conventions for LDAP
distinguished names utilize the abbreviation OU for organizational unit, which
refers to the organizationalUnit (OU) object class; and the abbreviation DC
for domain component, which refers to the domainDns object class. (If you are
not familiar with Active Directory object classes and distinguished names,
see the link to the "Active Directory Architecture" white paper in
"For More Information.")