Common Scenarios for Active Directory Related Backup and Disaster Recovery

(Or, Everything you ever wanted to know about AD DR Plans but couldn’t find in one place...)

As part of our Active Directory Risk Assessment Program, we perform an Operational Interview portion of the engagement. During this, we talk about things we can’t really ask the machines, such as SLAs, OLAs, DR plans and various other things that involve humans more than computers but are a vital part of the health and risk associated with an enterprise environment. One of the things that often comes up is common scenarios in your Disaster Recovery plans. This came up for one of my customers, and they asked me to compile information on how to handle these common topics. So I compiled a list of TechNet and KB articles that will hopefully help you guys plug these into your DR plans. (Even having the links to the online articles handy when a disaster comes up can save you time, money, frustration and sanity.) Hope this helps!

- How to recover an Active Directory forest

Planning for Active Directory Forest Recovery

https://technet.microsoft.com/en-us/library/planning-active-directory-forest-recovery(WS.10).aspx

Word Doc of the entire Forest Recovery Whitepaper:

https://go.microsoft.com/fwlink/?LinkId=152459

- How to recover domains

Recovering Active Directory Domain Services

https://technet.microsoft.com/en-us/library/cc816751(WS.10).aspx

- How to recover DNS

(Mostly covered in the Recovering Active Directory Domain Services article but additional info found here)

How to reinstall a dynamic DNS Active Directory-integrated zone

https://support.microsoft.com/kb/294328

- How to seize and transfer FSMO roles

Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller

https://support.microsoft.com/kb/255504

How to view and transfer FSMO roles in the graphical user interface

https://support.microsoft.com/kb/255690

- How to perform metadata cleanup

Clean Up Server Metadata (2008 & 2008R2)

https://technet.microsoft.com/en-us/library/cc816907%28WS.10%29.aspx

Clean up server metadata (2000, 2003 & 2003R2)

https://technet.microsoft.com/en-us/library/cc736378(WS.10).aspx

- How to recover an entire server

Windows Server Backup Step-by-Step Guide for Windows Server 2008

https://technet.microsoft.com/en-us/library/cc770266(WS.10).aspx

Performing a Full Server Recovery of a Domain Controller

https://technet.microsoft.com/en-us/library/cc772519(WS.10).aspx

- How to perform authoritative restores

  - Active Directory database

Performing Authoritative Restore of Active Directory Objects

https://technet.microsoft.com/en-us/library/cc816878(WS.10).aspx

Performing Authoritative Restore of an Application Directory Partition

https://technet.microsoft.com/en-us/library/cc816934(WS.10).aspx

  - SYSVOL (requires special recovery procedures)

For DFS Replicated SYSVOL

Restoring and Rebuilding SYSVOL

https://technet.microsoft.com/en-us/library/cc816596(WS.10).aspx

How to force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (like "D4/D2" for FRS)

https://support.microsoft.com/kb/2218556

For FRS Replicated SYSVOL

Using the BurFlags registry key to reinitialize File Replication Service replica sets

https://support.microsoft.com/kb/290762

How to rebuild the SYSVOL tree and its content in a domain

https://support.microsoft.com/kb/315457

- Successfully restoring users and their group memberships

How to restore deleted user accounts and their group memberships in Active Directory

https://support.microsoft.com/kb/840001

- How to perform non-authoritative restores

  - Active Directory database

Performing Nonauthoritative Restore of Active Directory Domain Services

https://technet.microsoft.com/en-us/library/cc816627(WS.10).aspx

  - SYSVOL (requires special recovery procedures) (Note: Same articles as Authoritative Restore since they include both procedures in the info.)

For DFS Replicated SYSVOL

Restoring and Rebuilding SYSVOL

https://technet.microsoft.com/en-us/library/cc816596(WS.10).aspx

How to force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (like "D4/D2" for FRS)

https://support.microsoft.com/kb/2218556

For FRS Replicated SYSVOL

Using the BurFlags registry key to reinitialize File Replication Service replica sets

https://support.microsoft.com/kb/290762

How to rebuild the SYSVOL tree and its content in a domain

https://support.microsoft.com/kb/315457

-Chris Rutledge