Running a manual disaster recovery of a local Windows computer (includes non-authoritative and authoritative restore of Active Directory for a domain controller)

Article:HOWTO23132  |  Created: 2010-01-01  |  Updated: 2011-05-04  |  Article URL http://www.symantec.com/docs/HOWTO23132
Article Type
How To

Product(s)

Environment

Subject


Running a manual disaster recovery of a local Windows computer (includes non-authoritative and authoritative restore of Active Directory for a domain controller)

Use the following steps to manually recover a local Windows computer, which includes non-authoritative and authoritative restore of Active Directory for a domain controller.

To run a manual disaster recovery of a local Windows computer, which includes non-authoritative and authoritative restore of Active Directory for a domain controller

  1. Install the original version of Windows.

    This basic Windows installation is necessary to provide Backup Exec with a target to which it can restore the system. The computer name, Windows directory, and the file system (such as NTFS) must be the same as the previous Windows installation. This installation will be overwritten by the backed up version, which will restore your original system configuration, application settings, and security settings.

    If you are recovering from an entire hard disk failure, use Windows setup to partition and format the new disk during installation.

    Format the partitions with the same file system as before the failure, as follows:

    • If the system was in a specific domain or workgroup, do not join the domain or workgroup at this time.

    • If you are recovering a domain controller, do not perform the domain controller installation process at this time.

  2. Install Backup Exec to a directory other than where it was originally installed (this is a temporary installation).

    Always log on to Windows using the Administrator account or its equivalent during this procedure.

  3. Using the Device Configuration Wizard, install the appropriate device driver for the attached media drive.

  4. Start Backup Exec.

  5. From the navigation bar, click Devices.

  6. Inventory the media containing the latest full backup of the computer to be recovered.

    See About inventorying media.

  7. Catalog the media containing the latest full backup of the computer to be recovered. If the subsequent differential/incremental backups are on separate media, catalog those also.

    See Creating a new catalog.

  8. From the navigation bar, click Restore.

  9. Select all sets from the full and incremental backups that contain logical drives on the hard disk. If differential backup sets are to be restored, select only the last differential set. Make sure you include System State and Shadow Copy components as part of the restore selections.

  10. On the Properties pane, under Settings, click General, and then select the following options:

    • Restore over existing files

    • Restore security

    • Preserve tree

  11. On the Properties pane, under Settings, click Advanced, and then select the appropriate options.

    See Advanced options for restore jobs.

    If you are restoring a computer that is the only domain controller in the domain or the entire domain is being rebuilt and this is the first domain controller, select the option Mark this server as the primary arbitrator for replication when restoring folders managed by the File Replication Service, or when restoring SYSVOL in System State.

  12. Click Run Now.

  13. If you are restoring a computer that is the only domain controller in the domain or the entire domain is being rebuilt and this is the first domain controller, reboot the computer after the restore job successfully completes.

    Your computer's operating system is now restored to a pre-disaster state. Your data files have been restored, except those protected by Backup Exec database agents.

  14. Continue with one of the following:

    If you are performing an authoritative restore

    go to step 15.

    If you are not performing an authoritative restore

    the recovery is complete.

  15. Do the following to change the Backup Exec services to the local system account.

    • Right-click My Computer and then select Manage.

    • From the left pane of the Computer Management utility, double-click Services and Applications.

    • Click Services.

    • In the right pane, double-click each Backup Exec service, and from the Log On tab, change Log on as to use Local System account.

    • Close the Computer Management utility.

  16. Restart the computer.

  17. Press F8 during startup.

    A menu appears that allows you to diagnose and fix system startup problems.

  18. Select Directory Services Restore Mode.

  19. Launch Backup Exec.

  20. From the navigation bar, click Restore.

  21. Select System State (Windows 2000 and later) or Shadow Copy (Windows Server 2003 and later) components as the restore selections. Run the Restore job.

  22. At this point, you can either choose to restore the entire Active Directory, or specific objects from the Active Directory.

    Restore the entire Active Directory by performing the following:

    • Open a command prompt.

    • Type NTDSUTIL and press Enter.

    • Type Authoritative Restore and press Enter.

    • Type Restore Database, press Enter, click OK and then click Yes.

    See Microsoft's documentation for running NTDSUTIL for Windows Server 2008/2008 R2.

    Restore specific objects from the Active Directory by performing the following:

    • Open a command prompt.

    • Type NTDSUTIL and press Enter.

    • Type Authoritative Restore and press Enter.

    • Type Restore Subtree "ou=<OU Name>.dc=<domain name>,dc=<xxx> (without the quotation marks), and then press Enter, where <OU Name> is the name of the organizational unit you want to restore, <domain name> is the domain name the OU resides in, and <xxx> is the top level domain name of the domain controller, such as com, org, or net. You can do this as many times for as many objects you need to restore.

  23. Once you have finished restoring Active Directory information, exit NTDSUTIL.

  24. Restart the computer.


Legacy ID



id-SF7001Performing_Disaster_Recovery_on_a_Local_Windows_2000_Computer_be2010_adm


Article URL http://www.symantec.com/docs/HOWTO23132


Terms of use for this information are found in Legal Notices