WINDOWS SERVER 2022: ACTIVE DIRECTORY BACKUP AND RESTORE

Microsoft’s Active Directory is one of the most widely used directory services. This service is an excellent way to manage small to enterprise-scale organizations.
Ensuring that you have a working backup is vital to business continuity.

Let’s discuss a basic example of backing up and restoring.

To be able to follow along with this, you will need to have a Windows server with Active Directory already set up. Please refer to our guide here.
A second hard drive attached to the machine is also required.

Windows Server Backup

Windows Server Backup is free with Windows Server and will be used for this example. The general ideas of the solution would be the same even if other backup software were used.

Installing Windows Server Backup

Open the Server Manager, select Manage and then Add Roles and Features.

When the wizard opens, click Next.

Select the radio button for Role-based or feature-based installation and click Next.

If only one server exists, the correct one will already be selected.
If there is more than one server, ensure the correct one is selected.
Click Next.

No changes need to be made to the server roles page; click Next.

On the features page, scroll down and select Windows Server Backup.

Once the tick mark shows in the box, click Next.

As this is a test environment, the option to restart automatically was selected.
Note: Use automatic restart with caution in a production environment.

If the automatic restart was selected, select Yes and then click Next.

The Windows Server Backup feature will now install.

Windows Server Backup: Once-off

Once the installation has been completed, there are multiple ways to open Windows Server Backup.
The application can be found on the start menu, in the Tools list in Server Manager, and via the command line.

Once open, select Local Backup on the left.

Once loaded, select Backup Once on the right.

In the backup wizard, ensure Different options is selected and click Next.

Select the Custom radio button and click Next.

Click Add Items.

Tick the box next to System state and click Ok.

For the destination, select Local drives and click Next.

The wizard should automatically select the second hard drive.
Should this not occur, select the correct drive from the drop-down list and click Next.

The wizard will confirm that only the system state is to be backed up. Click Backup.

The backup will run. Once completed, click Close.

The one-off backup is now complete.
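
The same install and once-off system state backup can be run from an elevated PowerShell prompt. This is an added example, not part of the original guide; it assumes the second hard drive is mounted as E:.

```powershell
#Requires -RunAsAdministrator
# Added example: command-line equivalent of the wizard steps above.
# Assumption: the second hard drive is mounted as E: (change $Target to match).
$Target = 'E:'

# Install the feature if it is missing (same result as Add Roles and Features).
if (-not (Get-WindowsFeature -Name Windows-Server-Backup).Installed) {
    Install-WindowsFeature -Name Windows-Server-Backup | Out-Null
}

# Refuse to write the backup to the volume that holds Windows itself.
if ($Target -ieq $env:SystemDrive) {
    throw "Backup target $Target is the system volume; use the second drive."
}
if (-not (Test-Path "$Target\")) {
    throw "Backup target $Target is not available."
}

# System state only, matching the Custom > System state selection in the wizard.
wbadmin start systemstatebackup "-backupTarget:$Target" -quiet
if ($LASTEXITCODE -ne 0) {
    throw "wbadmin exited with code $LASTEXITCODE; the backup did not complete."
}

# List the backups stored on the target. The version identifier printed here
# is what a later recovery refers to.
wbadmin get versions "-backupTarget:$Target"
```

Checking the exit code and listing the stored versions confirms that a usable backup exists before it is needed.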

Windows Server Backup: Scheduled

In the Windows Server Backup client, select Backup Schedule on the right-hand side.

When the wizard opens, click Next.

In this example, we will select a Full server backup and click Next.

For our lab, one daily backup is sufficient.
Select a suitable time for the backup to run and click Next.

To back up to the second hard drive, select Back up to a hard disk and click Next.

Click the option to Show All Available Disks.

Tick the box next to the disk where the backup will run and click Ok.

Once back at the disk selection, ensure the box is ticked next to the disk and click Next.

As this is a full server backup, Windows will ask for confirmation to remove the destination drive from the items being backed up so that backups can be stored on it.

Note that Windows will prompt you to format the disk. Click Yes.

Click Finish to create the scheduled backup.

Note: Once-off backups and scheduled backups cannot reside on the same drive.

Active Directory Restore

In our example, we’ve created a user account. This user account was then erroneously deleted.
Note: For this example, we will restore from the system state backup above.

As the screenshot below shows, the user is no longer listed.

To restore our missing user, we must restart our Domain Controller in safe mode.
Open the run command, type MSConfig, and click Ok.

When the System Configuration opens, select the Boot tab.
On the boot page, tick the box next to Safe boot and ensure the Active Directory repair radio button is ticked, then click Ok.

Click Restart.

After restarting into safe mode, only some of the domain services are running.
If you try to log in with a domain account, it will fail with the below error.
Click Ok.

Select Other user on the lower left of the login screen.

Log in to the server with the local administrator account from the server installation.
Login requires the format of .\admin_account_name (the .\ changes log-in from the domain to the local computer).

To confirm that the server has started in Safe mode, note the text in the four corners.

To restore the deleted user account, open Windows Server Backup.

Once open, select Local Backup on the left-hand side and choose Recover on the right-hand side.

When the wizard opens, select This server and click Next.

Select an appropriate backup to restore from and click Next.

Select System state and click Next.

Select the radio button to restore to the Original location, tick the box to perform an authoritative restore, and click Next.

Click Ok on the warning.

Confirm that the wizard will restore the system state and click Recover.

The wizard will warn against canceling or pausing the recovery; confirm by clicking Yes.

The recovery process will take some time to complete.

Once complete, the wizard will offer a restart option.
Do not select this.
Open the run command again, enter MSConfig and click Ok.

Navigate to the Boot tab again.
Untick the box next to Safe boot and click Ok.

Select Restart.

After restarting, log in again with a domain administrator account, not the local administrator account used during the previous restore steps.

After login, a message will prompt that the recovery has been completed successfully.
Hit Enter to continue.

To confirm that the restore was successful, open Active Directory Users and Computers.

When opening the Users, we can see that the user account has been restored.
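
The restore walkthrough above can also be driven from an elevated prompt, one phase per boot. This is an added example, not part of the original guide; the script layout, the E: backup volume and the version placeholder are assumptions.

```powershell
# Added example: command-line equivalent of the restore steps above.
# Assumptions: backups are on E:; $Version is a placeholder to be replaced with
# an identifier printed by "wbadmin get versions".
param(
    [Parameter(Mandatory)]
    [ValidateSet('EnterRepairMode', 'Restore', 'ExitRepairMode')]
    [string]$Phase,
    [string]$Target  = 'E:',
    [string]$Version = '<version-identifier>'
)

switch ($Phase) {
    'EnterRepairMode' {
        # Same as MSConfig > Boot > Safe boot > Active Directory repair.
        bcdedit /set safeboot dsrepair
        if ($LASTEXITCODE -ne 0) { throw 'bcdedit failed; boot entry unchanged.' }
        Restart-Computer
    }
    'Restore' {
        # Windows sets SAFEBOOT_OPTION to DSREPAIR when booted in this mode.
        if ($env:SAFEBOOT_OPTION -ne 'DSREPAIR') {
            throw 'Not in Active Directory repair mode; refusing to restore.'
        }
        wbadmin get versions "-backupTarget:$Target"
        if ($Version -eq '<version-identifier>') {
            throw 'Re-run with -Version set to one of the identifiers listed above.'
        }
        # -authsysvol requests an authoritative restore of SYSVOL. -quiet is left
        # out so wbadmin still asks for confirmation, as the wizard does.
        wbadmin start systemstaterecovery "-version:$Version" "-backupTarget:$Target" -authsysvol
        if ($LASTEXITCODE -ne 0) { throw "wbadmin exited with code $LASTEXITCODE." }
    }
    'ExitRepairMode' {
        # Same as unticking Safe boot in MSConfig.
        bcdedit /deletevalue safeboot
        if ($LASTEXITCODE -ne 0) { throw 'bcdedit failed; server will boot into repair mode again.' }
        Restart-Computer
    }
}
```

In a domain with more than one domain controller, the restored object is normally also marked authoritative with ntdsutil before leaving repair mode, so that replication from the other controllers does not delete it again.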

Conclusion

The ability to back up and restore Active Directory is crucial to any disaster recovery plan. Ensure that backups are created regularly. Restores should also be tested regularly to ensure no corruption.
Wherever possible, have multiple domain controllers running to minimize downtime in the event of failure.
