How to backup Active Directory to enable the restore of individual objects and attributes

Article:TECH49602  |  Created: 2006-01-12  |  Updated: 2011-10-04  |  Article URL http://www.symantec.com/docs/TECH49602
Article Type
Technical Solution

Product(s)

Subject

Issue



How to backup Active Directory to enable the restore of individual objects and attributes


Solution



ADRA (Active Directory Recovery Agent) works with backups of the Windows System State (where Active Directory is installed) and ADAM (Active Directory Application Mode). During the backup of Windows System State, the Active Directory is included in the backup job, because Active Directory is a component of Windows System State.

Backup Exec 11d introduces Active directory Recovery agent (ADRA) which enables restore of individual Active Directory or Active Directory Application Mode (ADAM) objects and attributes without having to perform an authoritative or non-authoritative full restore.

Please perform the following steps to backup Active directory using ADRA.

1) Open Backup Exec and click on Backup on the navigation bar.

ADRA works with backups of the Windows System State (where Active Directory is installed) and ADAM (Figure 1).

Figure 1.

 

2) Verify that the option "Enable the restore of individual objects from Active Directory backups" is selected while creating the backup job (Figure 2). This check box is located on the Microsoft Active Directory node of the Backup Job Properties dialog box.

Figure 2.

 

3) Verify other backup settings and submit the backup job.

To restore individual Active Directory objects and attributes, select them from the View by Resource tab on the Restore Job Properties view (Figure 3). ADRA can also be used to restore individual ADAM objects and attributes. It is also possible to select individual ADAM objects and attributes for restore from the View by Resource tab on the Restore Job Properties view. If multiple ADAM instances are backed up, each instance appears under the Active Directory Application Mode node.

Figure 3.

 

There is no need to restart the server when the restore job completes.

ADRA also helps restore tombstoned objects from the Active Directory Deleted Objects container if:
1) their tombstone lifetimes have not passed.
2) they have not been purged from the Deleted Objects container.
3) restoring to a Windows 2003 or Windows XP X64 system.

It is recommended that Active directory and ADAM backups be backed up to a backup-to-disk folder before backing them up to tape. This provides a shorter backup windows, while also allowing to administer Active Directory or ADAM without requiring the individual cataloging of the backed up objects and properties.

When backing up any Windows Active Directory or ADAM application database directly to tape, it is possible that the objects and properties added or deleted during the backup will not match the individual objects and properties that are available for restore from  the backup set. The back up of the database is a snapshot backup of the live Active Directory or ADAM database and the cataloging of the individual Active Directory or ADAM objects occurs after the snapshot is performed. Since the catalog operation catalogs objects and properties from the live Active Directory or ADAM database, object and property changes can occur after the snapshot was taken.
 



Legacy ID



285880


Article URL http://www.symantec.com/docs/TECH49602


Terms of use for this information are found in Legal Notices