Active Directory Backup and Restore

This chapter discusses how you can back up and restore Active Directory by using the graphical user interface (GUI) and command-line tools provided in Microsoft® Windows® 2000 Server. The GUI tool, Backup, is used to back up and restore Active Directory (as well as other data and services). The command-line tool, Ntdsutil, is used in conjunction with Backup and gives you finer control over which Active Directory objects you restore.

AD BACKUP: - The Backup tool has several features that make backing up Active Directory a straightforward task that you can integrate into your regular backup procedures without interrupting the network or the operation of the domain controller you are backing up. For example, by using the Windows 2000 Backup tool you can:
• Back up Active Directory while the domain controller is online.
• Back up Active Directory, along with other system and data files.
• Back up Active Directory by using batch file commands.
• Back up Active Directory to any removable media, any available network drive, or a file.

Although Backup provides several methods for backing up data, the only type of Backup supported by Active Directory is normal backup. A normal backup creates a backup of the entire system while the domain controller is online. A normal backup marks each file as having been backed up, which clears the Archive attribute of the file. A normal backup also truncates the log files of database applications. To restore a system from a normal backup requires a single restore from the backup media (by comparison, restoring a system from an incremental backup requires all incremental backups as well as the first normal backup).
In addition, when you back up Active Directory, the Backup tool also automatically backs up all of the system components and all of the distributed services upon which Active Directory is dependent. This dependent data, which includes Active Directory, is known collectively as the System State data.
On a Windows 2000 domain controller, the System State data encompasses the system startup files; the system registry; the class registration database of COM+ (an extension to the Component Object Model); File Replication service (the SYSVOL directory); Certificate Services database (if it is installed); Domain Name System (if it is installed); Cluster service (if it is installed); and Active Directory. From a practical standpoint, this means that when you use the Backup tool to back up Active Directory, you cannot back up Active Directory by itself. It is recommended that you schedule and perform regular backups as a normal practice.
