Active Directory - Backup, Restore
Knowledge Base Questions & Answers
What must be done to backup AD (Active Directory)?
System state’s data backup must be done to backup of AD.
What data contains System State?
System State contains:
-
AD (database including other files in NTDS folder) (only on DC (Domain Controller)).
-
Boot and system files.
-
DFSR (Distributed File System Replication) staging.
-
AD CS (Active Directory Certificate Services) (only if Certificate Authority server is installed).
-
Cluster Service Database (only if Failover Cluster server is installed).
-
COM+ class registration database.
-
File system junctions.
-
Group Policies settings (only on DC).
-
IIS (Internet Information Services) meta-directory (only if IIS server is installed).
-
Registry
-
Netlogon shared folders: default profiles, system policies, logon/logoff/startup/shutdown scripts.
-
SYSVOL (System Volume) folder (only on DC).
What are AD Restore types?
There are two AD Restore types:
-
Non-Authoritative Restore (D2 restore).
-
Authoritative Restore (D4 restore).
What is Non-Authoritative Restore of AD?
-
Non-Authoritative Restore is the default method to restore AD, and it is using when its data lost or corrupted.
-
It restores a DC to its state at the time of backup. After restoring of DC, the local copy of SYSVOL is compared with its replication partners. After restarting DC, SYSVOL replicates any necessary changes to itself, bringing restored DC up-to-date with the other DCs within the domain.
-
To perform a Non-Authoritative restore, DC must be started in DSRM (Directory Services Restore Mode).
What is the Authoritative Restore of AD?
-
Authoritative Restore performs restoring of DC from backup, and after making up necessary configurations, the AD marks the local SYSVOL as authoritative and replicates it to the other DCs within the domain.
-
It has abilities to restore only particular objects.
For example, if OU (Organizational Unit) was deleted. The Authoritative Restore will be able to restore just this object.
-
To perform an Authoritative restore, DC must be started in DSRM.
-
Authoritative Restores need to use ntdsutil utility.
-
Authoritative Restore often needed when human error is involved, such as when an administrator accidentally deletes some objects and that change replicated to the other DCs and the object cannot be recreated easily.
What is DSRM (Directory Services Restore Mode)?
-
DSRM is a special boot mode, which is using for repairing or recovering AD.
-
It is used to login to the computer when AD has failed or needs to be restored on DC.
Windows DNS (Domain Name System) Server - Resource Record
Knowledge Base Questions & Answers
In which file are DNS resource records stored when the zone is not “AD (Active Directory) - Integrated”?
-
When a DNS zone is not “AD (Active Directory) - Integrated,” the DNS resource records are typically stored in a text-based zone file. This file usually has a .dns extension in Windows DNS servers.
-
The location of these zone files in Windows Server environments is typically in the %systemroot%\system32\dns\ directory. However, the location can vary depending on the server software, OS (Operating System), and specific configurations set by the administrator.
-
For example, a zone file for itguidespro.com might be named itguidespro.com.dns.
What is a “Host File”?
-
The name of the “Host File” is hosts.
-
“Host File” is a text file that maps a hostname to an IP (Internet Protocol) address.
-
It is located in the directory.
\%systemroot%\system32\drivers\etc\ -
Example: hosts file with default data.
Experience-Based/Practical Questions & Answers
Where can you see “A” (Host), CNAME (Alias), MX (Mail Exchanger), NS (Name Server), and SOA (Start Of Authority) records information?
The path is as follows: “DNS Manager” MMC (Microsoft Management Console) snap-in -> DNS –> Server-Name –> “Forward Lookup Zones” -> Zone-Name.
-
For “A” record: “A” record -> Properties -> “Host (A)” tab.
-
For CNAME record: CNAME record -> Properties -> “Alias (CNAME)” tab.
-
For MX record: MX record -> Properties -> “Mail Exchanger (MX)” tab.
-
For NS records: NS record -> Properties -> “Name Servers” tab.
-
For SOA records: SOA record -> Properties -> “Start Of Authority (SOA)” tab.
Where can you see PTR (Pointer) records information?
The path is as follows: “DNS Manager” MMC snap-in -> DNS –> Server-Name –> “Reverse Lookup Zones” -> Zone-Name -> PTR record -> Properties.
Where can you see SRV (Service Location) records information?
The path is as follows: “DNS Manager” MMC snap-in -> DNS –> Server-Name –> “Forward Lookup Zones” -> Zone-Name -> _tcp folder -> SRV record -> Properties -> “Service Location (SRV)” tab.
Is it possible to set up TTL (Time-To-Live) values for individual records instead of using zone settings on the DNS server?
Yes. On record Properties -> TTL (Time-To-Live). The Advanced view must be enabled.
What DNS records are created when you install additional DC?
During the promotion of a server to DC (Domain Controller), the “A” and SRV resource records are dynamically registered in the DNS zone, which is necessary for the successful functioning of the DC locator mechanism.
What can be used to verify whether AD installation is proper with the SRV resource record?
After AD is installed, the DC will register SRV records in DNS when it restarts. It can be checked by using:
-
“DNS Manager” MMC snap-in
-
nslookup command.
How do clients find DCs in a domain?
Clients query DNS for the “A” and SRV DNS resource records of the DC, which provides the clients with the domain names and IP addresses of the DCs.
How to clear the DNS cache?
-
Reboot computer.
-
Run command:
ipconfig /flushdns
