This posting is provided “AS IS” with no warranties, and confers no rights.
In Windows Server 2008, there are new tools you can use to create a snapshot of your Active Directory database at a point in time, ntdsutil snapshot, and then you can view the contents of that snapshot by using dsamain.exe. This is a great tool for data recovery and comparing changes made to your Active Directory database when the snapshot was taken and how the database looks today.
In cases where you need to perform forest recovery, these tools can help you compare backups taken at different points in time without taking your domain controllers offline to restore the backup and then to later find out this was not the backup you wanted.
In instances where you accidentally delete an object from Active Directory Users and Computers, you can view a snapshot of your environment before that object was deleted and recover the stripped back link information that is needed to fully restore the object. In the case of a deleted user object, you can use the snapshot to determine the user’s group membership before the object was deleted and then restore that information after you have used LDP or the Active Directory Module for Windows PowerShell to reanimate the tombstone (deleted) object.
To fully take advantage of snapshots, you should schedule a task that regularly takes snapshots of your AD DS database. By doing this, you can keep detailed records of the changes made to your AD DS database over time.
For more information about the AD DS Mounting tool including information about snapshots see:
- AD DS: Database Mounting Tool (http://technet.microsoft.com/en-us/library/cc753246.aspx)
- Active Directory Domain Services Database Mounting Tool (Snapshot Viewer or Snapshot Browser) Step-by-Step Guide (http://technet.microsoft.com/en-us/library/cc753609.aspx)
- End-to-End Scenario That Uses the Active Directory Database Mounting Tool (http://technet.microsoft.com/en-us/library/dd581644.aspx)