Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

HOWTO: ACTIVE DIRECTORY Backup/Restore with NETBACKUP

Created: 23 Jul 2013 • Updated: 29 Jul 2013 | 4 comments
Language Translations
Faisal Saleem's picture
+2 2 Votes
Login to vote

Dear All

I would like to provide you a simple HOWTO for backing up and restoring Active Directory with Symantec NetBackup

My Environment:

Master / Media Server = Windows 2008 R2 64 Bit

Active Directory = Windows 2008 R2 64 Bit

Symantec NetBackup Version = 7.5

Client = Windows 2008 R2 64 Bit

Assumption:

You have a running Master / Media Server and want to just Backup/Restore of Active Directory.

Important Point:

Master Server / Media Server and Client should resolve each other via DNS, here comes the Networking concepts which you can confirm it from your Network Administrator

Let us start with the steps.

Client Side Steps:

1. Add host entry of Media / Master Server on Active Directory Node.

1_Host_File.jpg

2. Extract the Symantec NetBackup setup files, you will find the following files displayed in the Snapshot below. You can see the setup icon, double click and Install NetBackup Client on Active Directory node. 

 2_Client_Setup_Files.jpg

3. Follow the on screen instructions, I have installed with options of current system only with typical installation and further provided the name of Master / Media Server and started the Installation Process

3_Installation_of_Client.jpg

Server Side Steps:

4. Add host entry of Client Node on Master / Media Server

5. Open Backup, Archive, and Restore

1.png

2.png

6. In File menu select "Specify NetBackup Machines and Policy Type" a Window will appear in which we will have to select the Server containing Backup just in case we have multiple Media Servers

Then we add client if this is for the first time any restore happening on the client by clicking "Edit Client List"

After addition of client the scroll list will have name of client, for me my Source and Destination is same therefore I am selecting "vsan" as it is my client hostname, further as we are restoring Active Directory the Policy type will be "Ms-Windows" and click OK.

3.png

7. After properly defining NetBackup Machine and Policy Type, click "Select for Restore" on the Backup, Archive, and Restore window which will bring the output of backups available of the client.

4.png

Mark the backup you will like to restore and the select the icon of "Start Restore of Marked Files" which will bring you the below snaped window. Choose accordingly as required and click "Start Restore" for Restore activity to start.

5.png

6.png

Comments 4 CommentsJump to latest comment

EV_Ajay's picture

Hi Faisal,

This is very informative. Thanks for sharing.

 

 

Thanks,

Ajay

+1
Login to vote
Faisal Saleem's picture

Thanks Ajav for you gracious comment.

0
Login to vote
Hollycapri's picture

Hello Faisal Saleem,

Thank you for sharing!

However, I have a question:
- Step 7 you selected only System State? And about Shadow copy components and C: drive? Not necessary?
- If so, what I have to restore first? System State/Shadow Copy components together and so, C: drive? Do you know?

Thank you!

0
Login to vote
deduplikador's picture

Some add'l items to consider:

Per Microsoft "Active Directory servers must be restored offline. The system must be restarted in Directory Services Restore mode. In this mode, the operating system is running without Active Directory Domain Services and all user validation occurs through the Security Accounts Manager (SAM) in the registry."

And: 

"Nonauthoritative restore: Use this process to restore AD DS to its state at the time of the backup, and then allow Active Directory replication to update the restored domain controller to the current state of AD DS."

"Authoritative restore: Use this process to recover objects that have been deleted from AD DS. Authoritative restore does not allow replication to overwrite the restored deletions. Instead, the restored objects replicate authoritatively to the other domain controllers in the domain."

Either restore type requires first booting the domain controller into DSRM.

Good reading prior to attempting AD restores:

Introduction to Administering Active Directory Backup and Recovery
http://technet.microsoft.com/en-us/library/cc816677%28v=ws.10%29.aspx

Steps for Backing Up and Recovering AD DS
http://technet.microsoft.com/en-us/library/cc753359%28v=ws.10%29.aspx

   - Performing a Nonauthoritative Restore of AD DS
     http://technet.microsoft.com/en-us/library/cc730683%28v=ws.10%29.aspx

   - Performing an Authoritative Restore of Deleted AD DS Objects
     http://technet.microsoft.com/en-us/library/cc755296%28v=ws.10%29.aspx

Restart the Domain Controller in Directory Services Restore Mode Locally
http://technet.microsoft.com/en-us/library/cc816897%28v=ws.10%29.aspx

Restoring the System State on Windows
http://www.symantec.com/docs/HOWTO34578

How to Perform Authoritative restore
http://www.symantec.com/docs/TECH127788

System requirements for Active Directory granular NetBackup backups and recovery
http://www.symantec.com/docs/HOWTO86243

Restoring Active Directory from Backup Media
http://technet.microsoft.com/en-us/library/cc961934.aspx

0
Login to vote