Disaster Recovery - Active Directory

Table of Contents

Planning for a Disaster Recovery

Creating a Checklist

What Gets Restored

What Does Not Get Restored

Full System Restore of a Domain Controller on Windows Server 2003

Replicating Active Directory Data to all the Domain Controllers in a Domain

Full System Restore of a Domain Controller on Windows Server 2008

Replicating Active Directory Data to all the Domain Controllers in a Domain

Planning for a Disaster Recovery

The Active Directory can be fully restored only through a full restore of the Windows File System iDataAgent.

Before you begin a disaster recovery, make sure to do the following:

Creating a Checklist

If the operating system of your client is corrupted, you need to re-build the operating system.

During the rebuild you will be prompted for the following system information. Since the computer will be down during the operating system rebuild, you may not be able to access necessary information about the system. It is important to record such information before a disaster occurs.

System Information | How to Get it

Windows Operating System
  Use the Windows installation discs or CD, the required service packs (SPs) and hotfixes to install the Windows operating system.

Windows File System iDataAgent
  Use the Windows File System iDataAgent installation disc to install the Windows File System iDataAgent.

Drives
  Use the Disk Management utility to record the volumes and sizes of the hard drives in the system; they are needed to recreate the disk configuration in case of hard drive failure. Hard drives must be configured before restoring System State or file system data.

Computer name
  Use the same computer name and avoid changing other configuration settings.

Network Interface Card configuration and settings
  1. Click Start | Programs | Accessories | System Information.
  2. In the System Information dialog box, click Components | Network | Adapter.
  3. Note down the Network Adapter and Drivers information.

TCP/IP Settings
  At the command prompt, run the following commands:
  • hostname - Note down the fully qualified network name.
  • ipconfig - Note down the IP address, subnet mask, TCP/IP domain name for the network and the IP address of the domain name server (DNS).

Video settings
  Note down the video settings if the resolution and color depth are important.

Domain information
  Note down the domain in which this computer resides.

Domain password
  Note down this information if you are restoring a domain controller.

Local admin password
  Note down this information to log on to the computer once it is restored.
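The items in this table can be captured in advance with a script and stored somewhere the recovery team can reach while the server is down. The PowerShell below is an added example and is not part of the Commvault documentation. It assumes Windows PowerShell 3.0 or later (Get-CimInstance, ordered hash tables), treats $OutFile as a placeholder that must be pointed at off-server storage, and uses Get-Partition only where the Storage module exists (Windows Server 2012 and later); the Win32_LogicalDisk query alone gives the volume sizes on older systems. The passwords listed in the table are deliberately left out of the file.

```powershell
# Added example, not from the Commvault page. Captures the pre-disaster
# checklist for this server into a single text file.
# Assumptions: elevated Windows PowerShell 3.0+; $OutFile is a placeholder
# path that must point to storage that survives the loss of this server.
$OutFile = Join-Path $env:TEMP "$($env:COMPUTERNAME)-dr-checklist.txt"   # placeholder: change to an off-box share

$sections = [ordered]@{
    'Computer name and FQDN' = {
        $env:COMPUTERNAME
        [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
    }
    'Windows version, service pack and hotfixes' = {
        Get-CimInstance Win32_OperatingSystem |
            Select-Object Caption, Version, ServicePackMajorVersion, ServicePackMinorVersion
        Get-HotFix | Sort-Object InstalledOn | Select-Object HotFixID, Description, InstalledOn
    }
    'Drives (volume letters, file systems and sizes in GB)' = {
        Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
            Select-Object DeviceID, VolumeName, FileSystem,
                @{ Name = 'SizeGB'; Expression = { [math]::Round($_.Size / 1GB, 1) } }
        # Partition layout per disk (Storage module; assumption: Windows Server 2012 or later)
        if (Get-Command Get-Partition -ErrorAction SilentlyContinue) {
            Get-Partition | Select-Object DiskNumber, PartitionNumber, DriveLetter, Type,
                @{ Name = 'SizeGB'; Expression = { [math]::Round($_.Size / 1GB, 1) } }
        }
    }
    'Network adapters and drivers' = {
        Get-CimInstance Win32_NetworkAdapter -Filter 'PhysicalAdapter=True' |
            Select-Object Name, MACAddress, NetConnectionID
        Get-CimInstance Win32_PnPSignedDriver | Where-Object { $_.DeviceClass -eq 'NET' } |
            Select-Object DeviceName, DriverVersion, DriverProviderName
    }
    'TCP/IP settings (hostname and ipconfig)' = {
        hostname
        ipconfig /all
    }
    'Domain membership (DomainRole 4 or 5 means this computer is a domain controller)' = {
        Get-CimInstance Win32_ComputerSystem | Select-Object Domain, PartOfDomain, DomainRole
    }
    'Video settings' = {
        Get-CimInstance Win32_VideoController |
            Select-Object Name, CurrentHorizontalResolution, CurrentVerticalResolution, CurrentBitsPerPixel
    }
}

# Run each collector and label its output so the file reads like the table above.
$report = foreach ($title in $sections.Keys) {
    "==== $title ===="
    & $sections[$title] | Out-String -Width 200
}

# Passwords (domain, Directory Services Restore Mode and local administrator)
# are deliberately not collected; keep them in a password manager or sealed
# envelope that the recovery team can reach while the server is down.
$report | Set-Content -Path $OutFile -Encoding UTF8
Write-Host "Checklist written to $OutFile"
```

Schedule the script to run after every change to the server's disks, network configuration or patch level, and keep the resulting file with the backup media rather than on the server itself.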

What Gets Restored

You can restore any one or all of the following components during full system restore:

What Does Not Get Restored

By default, the Calypso files and registry entries are excluded from the restore. After the full system restore, when you install Calypso, all the latest patches will be available. 

If the backup contains all the latest patches, create the nDisableGalaxyMerge registry key and set the value to 1 to restore the registry entries for Calypso.

Full System Restore of a Domain Controller on Windows Server 2003

  1. Rebuild the system hardware if necessary.

  2. Configure hardware devices such as disk arrays and ensure connectivity to all drives.

  3. Using the instructions provided with the software, install the Windows operating system and include any previously installed Service Packs and Hot Fixes.

    Do not install IIS Services. These services will be restored automatically during the restore.

    Do not include the server in the domain. Keep it in the workgroup.

  4. Format and partition the hard drives to match their previous configurations.

    When recreating partitions, you can browse the backup data to determine the previous size of the partitions. When you browse the backup set, each drive letter will have its size noted in the Browse window.

  5. If the client was installed with a fully qualified domain name, perform the following tasks; otherwise, skip to the next step.

    • Enable and configure TCP/IP support.
    • Configure the Network Interface Card(s). When restoring a client with multiple Network Interface Cards, ensure that the card used is the first card listed in the network binding order.

  6. Run the following command to verify network communications between the client computer and the CommServe:

    ping <CommServe name>

  7. Run the following command to verify network communications between the client computer and the MediaAgent:

    ping <MediaAgent name>

  8. Install the Windows File System iDataAgent and all applicable updates on the default install partition of the client computer.

    Restart the computer in Directory Services mode after installing the Windows File System iDataAgent.

  9. Open the CommCell Console.

  10. From the CommCell Browser, right-click the <Client> and select Properties.

  11. Click the Activity Control tab.

  12. Clear the Enable Data Management check box. This disables backup jobs for the client, so no scheduled backup job for the client will start during the full system restore.

  13. Click OK.

  14. From the CommCell Browser, navigate to Client Computers | <Client> | File System.

  15. Right-click the <Backupset> that contains the system state data and all the drives, then click Browse Backup Data.

  16. Select the required options from the Browse Options dialog box and click OK.

  17. On the Client Browse tab, select the <BackupSet> box that contains the system state data and all the drives.

  18. Click Recover All Selected.

  19. Select one of the following from the Restore option for SYSVOL list:

    • Primary - Select this option when you are restoring a standalone domain controller or the first domain controller restored in the network.
    • Non-Authoritative - Select this option to restore the domain controller without replicating any changes to the other domain controllers on the network.
    • Authoritative - Select this option to restore the domain controller and also replicate any changes to the other domain controllers on the network. You must run ntdsutil to replicate the changes to the other domain controllers.

    If the hardware of the destination computer is drastically different from the hardware of the source computer, do not select the Unconditional Overwrite option.

    Select the other required options and click OK.

  20. Click Compare to view the Service Pack information of the source and destination computers.

  21. Note down the service packs that are not installed on the destination computer and click Close.

    The Include Hotfix check box is available for the source computer if you chose the Include Hotfix Information option during the backup.

  22. Click No if the source computer and the destination computer have different service packs. Install the required service packs and hot fixes on the destination computer.

    Click Yes if all the service packs on the source and destination computers are the same. The full system restore starts.

  23. Click OK to restart the computer.

  24. Re-install any agents that were previously installed on the restored client computer.

  25. Enable the backup jobs for the client by selecting the Enable Data Management check box on the Activity Control tab of the Client Properties dialog box.

Replicating Active Directory Data to All the Domain Controllers in a Domain

The system performs a non-authoritative restore of the Active Directory by default, so any Active Directory data that has changed since the last backup is not replicated to other domain controllers. However, you can force an authoritative restore of the Active Directory and replicate all the restored data to all the remaining domain controllers in the domain by running ntdsutil.

It is recommended that you review all Microsoft instructions and methods before replicating the data to all domain controllers.

Follow the steps given below to run ntdsutil:

  1. Perform the Authoritative full system restore of a domain controller.
  2. Restart the computer in Directory Services mode.
  3. From the Command Prompt, type ntdsutil.
  4. At the ntdsutil prompt, type Authoritative Restore.
  5. At the Authoritative Restore prompt, type Restore Database.
  6. Click Yes to confirm this operation.
  7. Type quit to exit the Authoritative Restore prompt.
  8. Type exit to end the ntdsutil session.
  9. Type exit to exit the command prompt.
  10. Restart the computer in normal mode and wait for replication to complete.

If you are performing an Authoritative restore of the SYSVOL without performing the full system restore, you must run ntdsutil. When you run this utility, the policies and scripts become accessible from Active Directory Users and Computers.

Full System Restore of a Domain Controller on Windows Server 2008

  1. Rebuild the system hardware if necessary.

  2. Configure hardware devices such as disk arrays and ensure connectivity to all drives.

  3. Using the instructions provided with the software, install the Windows operating system and include any previously installed Service Packs and Hot Fixes.

    Do not install IIS Services. These services will be restored automatically during the restore.

    Do not include the server in the domain. Keep it in the workgroup.

  4. Format and partition the hard drives to match their previous configurations.

    When recreating partitions, you can browse the backup data to determine the previous size of the partitions. When you browse the backup set, each drive letter will have its size noted in the Browse window.

  5. If the client was installed with a fully qualified domain name, perform the following tasks; otherwise, skip to the next step.

    • Enable and configure TCP/IP support.
    • Configure the Network Interface Card(s). When restoring a client with multiple Network Interface Cards, ensure that the card used is the first card listed in the network binding order.

  6. Run the following command to verify network communications between the client computer and the CommServe:

    ping <CommServe name>

  7. Run the following command to verify network communications between the client computer and the MediaAgent:

    ping <MediaAgent name>

  8. Install the Windows File System iDataAgent and all applicable updates on the default install partition of the client computer.

    Restart the computer in Directory Services mode after installing the Windows File System iDataAgent.

  9. Open the CommCell Console.

  10. From the CommCell Browser, right-click the <Client> and select Properties.

  11. Click the Activity Control tab.

  12. Clear the Enable Data Management check box. This disables backup jobs for the client, so no scheduled backup job for the client will start during the full system restore.

  13. Click OK.

  14. From the CommCell Browser, navigate to Client Computers | <Client> | File System.

  15. Right-click the <Backupset> that contains the system state data and all the drives, then click Browse Backup Data.

  16. Select the required options from the Browse Options dialog box and click OK.

  17. On the Client Browse tab, select the <BackupSet> box that contains the system state data and all the drives.

  18. Click Recover All Selected.

  19. Select one of the following from the Restore option for SYSVOL list:

    • Primary - Select this option when you are restoring a standalone domain controller or the first domain controller restored in the network.
    • Non-Authoritative - Select this option to restore the domain controller without replicating any changes to the other domain controllers on the network.
    • Authoritative - Select this option to restore the domain controller and also replicate any changes to the other domain controllers on the network. You must run ntdsutil to replicate the changes to the other domain controllers.

    If the hardware of the destination computer is drastically different from the hardware of the source computer, do not select the Unconditional Overwrite option.

    Select the other required options and click OK.

  20. Click Compare to view the Service Pack information of the source and destination computers.

  21. Note down the service packs that are not installed on the destination computer and click Close.

    The Include Hotfix check box is available for the source computer if you chose the Include Hotfix Information option during the backup.

  22. Click No if the source computer and the destination computer have different service packs. Install the required service packs and hot fixes on the destination computer.

    Click Yes if all the service packs on the source and destination computers are the same. The full system restore starts.

  23. Click OK to restart the computer.

  24. Re-install any agents that were previously installed on the restored client computer.

  25. Enable the backup jobs for the client by selecting the Enable Data Management check box on the Activity Control tab of the Client Properties dialog box.

Replicating Active Directory Data to All the Domain Controllers in a Domain

The system performs a non-authoritative restore of the Active Directory by default, so any Active Directory data that has changed since the last backup is not replicated to other domain controllers. However, you can force an authoritative restore of the Active Directory and replicate all the restored data to all the remaining domain controllers in the domain by running ntdsutil.

It is recommended that you review all Microsoft instructions and methods before replicating the data to all domain controllers.

Follow the steps given below to run ntdsutil:

  1. Perform the Authoritative full system restore of a domain controller.
  2. Restart the computer in Directory Services mode.
  3. From the Command Prompt, type ntdsutil.
  4. At the ntdsutil prompt, type Activate instance NTDS.
  5. At the ntdsutil prompt, type Authoritative Restore.
  6. At the Authoritative Restore prompt, type Restore Subtree DistinguishedName

    where DistinguishedName is the name of the subtree that is to be marked authoritative.

    For example, Restore Subtree DC=DomainName,DC=COM restores domainname.com.

  7. Click Yes to continue.

    The restore process completes and a message confirming the creation of one text file and two LDAP Data Interchange Format (LDIF) files is displayed.

  8. Restart the computer in normal mode and allow time for replication to complete.

  9. To run an LDIF file to recover back-links, type the following command at the command prompt:

    ldifde -i -k -f FileName

    where FileName is the name of the LDIF file.

  10. Repeat steps 8 and 9 for each additional domain.
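The ntdsutil and ldifde steps above are typed interactively. The PowerShell below is an added example, not part of the Commvault documentation and not Microsoft's code, that wraps the Windows Server 2008 sequence in two phases: the ntdsutil commands while the server is still in Directory Services mode, and the ldifde back-link import plus a replication check after the normal-mode restart. It assumes an elevated Windows PowerShell session (2.0 or later), that $Subtree is replaced with your domain's distinguished name, that ntdsutil writes its ar_*.txt and ar_*.ldf output into the current directory and names each LDIF file after the domain it belongs to, that Windows sets SAFEBOOT_OPTION to DSREPAIR while in Directory Services mode, and that repadmin is present. The Yes confirmation the page mentions still appears and must be answered. Replacing the restore subtree argument with 'restore database' and dropping 'activate instance ntds' gives the Windows Server 2003 sequence from the earlier section.

```powershell
# Added example, not from the Commvault page or from Microsoft. Wraps the
# Windows Server 2008 ntdsutil/ldifde steps in two phases.
# Assumptions: elevated Windows PowerShell 2.0+; $Subtree is a placeholder
# for your domain's distinguished name; ntdsutil writes its ar_*.txt and
# ar_*.ldf output into the current directory ($WorkDir here) and names each
# .ldf after its domain; SAFEBOOT_OPTION is DSREPAIR in Directory Services mode.
param(
    [ValidateSet('Restore', 'PostRestart')]
    [string]$Phase = 'Restore',
    [string]$Subtree = 'DC=DomainName,DC=COM',   # placeholder: replace with your domain DN
    [string]$WorkDir = 'C:\DR\ntdsutil-output'    # assumed output folder
)

function Assert-DirectoryServicesRestoreMode {
    # Refuse to mark anything authoritative unless booted into Directory Services mode.
    if ($env:SAFEBOOT_OPTION -ne 'DSREPAIR') {
        throw "Not in Directory Services Restore Mode (SAFEBOOT_OPTION='$($env:SAFEBOOT_OPTION)'). Restart in DS mode first."
    }
}

function Invoke-AuthoritativeRestore([string]$Dn, [string]$Dir) {
    # The Activate instance, Authoritative Restore and Restore Subtree commands
    # passed as arguments instead of typed at the prompts; each 'quit' leaves
    # one prompt level. The Yes/No confirmation dialog still appears.
    New-Item -ItemType Directory -Path $Dir -Force | Out-Null
    Push-Location $Dir
    try {
        & ntdsutil.exe 'activate instance ntds' 'authoritative restore' "restore subtree $Dn" quit quit
        if ($LASTEXITCODE -ne 0) { throw "ntdsutil exited with code $LASTEXITCODE" }
        # One text file (objects marked authoritative) and LDIF files for back-links
        Get-ChildItem -Path $Dir -Filter 'ar_*' | Select-Object Name, Length, LastWriteTime
    }
    finally { Pop-Location }
}

function Restore-BackLinks([string]$Dir) {
    # ldifde -i -k -f FileName for every LDIF file. ldifde needs the directory
    # service running, so this runs only after the normal-mode restart. Files
    # named for another domain are reported, not imported: they belong on a
    # domain controller of that domain.
    $localDomain = (Get-WmiObject Win32_ComputerSystem).Domain
    foreach ($ldf in Get-ChildItem -Path $Dir -Filter 'ar_*.ldf') {
        if ($ldf.Name -notlike "*$localDomain*") {
            Write-Warning "Skipping $($ldf.Name): import it on a domain controller of its own domain."
            continue
        }
        & ldifde.exe -i -k -f $ldf.FullName
        if ($LASTEXITCODE -ne 0) { Write-Warning "ldifde failed for $($ldf.Name) (exit $LASTEXITCODE)" }
        else { Write-Host "Applied $($ldf.Name)" }
    }
}

function Get-FailingReplicationLinks {
    # Replication partners still reporting failures, from repadmin's CSV output.
    repadmin /showrepl /csv | ConvertFrom-Csv |
        Where-Object { [int]$_.'Number of Failures' -gt 0 } |
        Select-Object 'Naming Context', 'Source DSA', 'Number of Failures', 'Last Failure Status'
}

switch ($Phase) {
    'Restore' {
        # Run while still in Directory Services mode, after the Authoritative full system restore.
        Assert-DirectoryServicesRestoreMode
        Invoke-AuthoritativeRestore -Dn $Subtree -Dir $WorkDir
        Write-Host 'Restart in normal mode, then run this script again with -Phase PostRestart.'
    }
    'PostRestart' {
        Restore-BackLinks -Dir $WorkDir
        $failing = @(Get-FailingReplicationLinks)
        if ($failing.Count -eq 0) { Write-Host 'No replication failures reported.' }
        else { $failing | Format-Table -AutoSize }
    }
}
```

The DSREPAIR check is the important guard: marking a subtree authoritative from a normally booted domain controller is exactly the mistake the interactive procedure's "restart in Directory Services mode" step exists to prevent, and the script refuses to proceed rather than relying on the operator to remember it. Keep the ar_* output folder with the recovery records, since the text file lists every object whose version was raised.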