Skip to main content
Solved

Full System Recovery of Active Directory (non-production environment)

  • July 8, 2022
  • 1 reply
  • 1046 views

Forum|alt.badge.img+10

Hi, I would like to test a Full System Recovery of Active Directory, not the backuped data itself, but the procedure. 

2 DC’s (Windows 2008 R2) with agents installed. 

According to the documentation, In the event of a disaster, I can recover the full system by using either 1-Touch Bare Metal Recovery or a full system recovery.

In my case, I want to test “Full System Recovery: Recovering a Domain Controller” documentation starting from second item (Restoring the file system data). 


Why do we have 3 options there? Primary, Non-Authoritative and Authoritative

 

Microsoft documentation cites only two options.

The restoration of a domain controller can be performed in one of two ways: with a non-authoritative or an authoritative restore.

 

Where does the Primary option comes from? 

I have the impression that the following option refers to restoring a server with the Microsoft Clustering service installed. This is applicable to Active Directory restore process. 

Where does the option Allow Authoritative for Cluster Database relates to an Active Directory restore procedure? I know that this documentation is generic, not specific to Active Directory, but I just want to make sure that I’ll choose the correct parameters.

 

In case I use the param Authoritative option, what will Commvault do? Why do I need to run the ntdsutil tool manually to replicate the changes to the other domain controllers? Why Commvault software can’t do that automatically?

 

 

Best answer by Mike Struening RETIRED

Thanks for the post @Eduardo Braga !

The bullet points are separate for different concerns.

The first one refers to Domain Controllers only.  Basically, it is allowing you to do a restore based on the type of AD setup you have.  Is there only one DC (primary)?  If not, do you have multiple (and this is only one of them)?  If so, is this the authoritative DC or a non-authoritative?  the restore is setting the restored server up in whatever way you need for DC replication (either to push or to pull).

The other set refers to Clusters only.  Is this a clustered setup?  If so, how should the DC node get restored?

As far as actually doing the replication to or from other domain controllers, that’s handled by AD itself, not the restore.  You may have several AD DCs out there, doing their replication outside of CV.

View original

Mike Struening
Vaulter
Forum|alt.badge.img+23

Thanks for the post @Eduardo Braga !

The bullet points are separate for different concerns.

The first one refers to Domain Controllers only.  Basically, it is allowing you to do a restore based on the type of AD setup you have.  Is there only one DC (primary)?  If not, do you have multiple (and this is only one of them)?  If so, is this the authoritative DC or a non-authoritative?  the restore is setting the restored server up in whatever way you need for DC replication (either to push or to pull).

The other set refers to Clusters only.  Is this a clustered setup?  If so, how should the DC node get restored?

As far as actually doing the replication to or from other domain controllers, that’s handled by AD itself, not the restore.  You may have several AD DCs out there, doing their replication outside of CV.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings