Skip to main content
Solved

Is it possible to restore AD via Commvault if AD is down?

  • August 25, 2021
  • 1 reply
  • 1305 views

Forum|alt.badge.img+2

Looking at DR options for AD. Would like to know what Commvault options might be available to restore AD if AD is down?  I’m aware of System state and AD agents but it’s my understanding that if AD is down…. how would the restore work? 

Many thanks

Best answer by Damian Andre

Hey @TheBackupGuy,

Assuming AD is broken, a system state restore will be required if following traditional methods. You can perform an authoritative restore in the restore options, which will basically make this the ‘master’ domain controller which will forcefully replicate and overwrite all the other AD databases across other domain controllers that are running. Hopefully you never need to be in that situation, but that is what it is for.

Performing a non-authoritative restore will restore the domain controller to a functional state, but will overwrite the restored copy of AD with the ‘live’ copy from other domain controllers.

More info here

While microsoft does not recommend/support it (at least they didn't at some stage), you can restore your domain controller via VM backup - you may have to wrangle with some Microsoft tools to make it authoritative to achieve the same effect as above.

Note the AD agent ONLY restores granular objects and attributes, it cannot be used for a disaster scenario like you are describing.

View original
Did this answer your question?

1 reply

Damian Andre
Vaulter
Forum|alt.badge.img+23
  • Vaulter
  • 1287 replies
  • Answer
  • August 25, 2021

Hey @TheBackupGuy,

Assuming AD is broken, a system state restore will be required if following traditional methods. You can perform an authoritative restore in the restore options, which will basically make this the ‘master’ domain controller which will forcefully replicate and overwrite all the other AD databases across other domain controllers that are running. Hopefully you never need to be in that situation, but that is what it is for.

Performing a non-authoritative restore will restore the domain controller to a functional state, but will overwrite the restored copy of AD with the ‘live’ copy from other domain controllers.

More info here

While microsoft does not recommend/support it (at least they didn't at some stage), you can restore your domain controller via VM backup - you may have to wrangle with some Microsoft tools to make it authoritative to achieve the same effect as above.

Note the AD agent ONLY restores granular objects and attributes, it cannot be used for a disaster scenario like you are describing.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings