Best Practices for AD DS Backup and Recovery
Updated: November 21, 2008
Applies To: Windows Server 2008
Use the following best practices for backing up and recovering Active Directory Domain Services (AD DS):
Store operating system files, the Active Directory database (Ntds.dit), and SYSVOL on separate volumes that do not contain other user, operating system, or application data.
For domain controllers, perform regular backups of system state data by using the wbadmin start systemstatebackup command. For more information, see Wbadmin start systemstatebackup (http://go.microsoft.com/fwlink/?LinkId=111741).
Create a backup volume on a dedicated internal or external hard drive. You cannot use a network shared folder as a backup target for a system state backup. To store a system state backup on a network shared folder, you must use a local volume as the backup target and then copy the backup to the network shared folder.
To restore a domain controller, use the wbadmin start systemstaterecovery command. For more information, see Wbadmin start systemstaterecovery (http://go.microsoft.com/fwlink/?LinkID=93337).
To avoid having to use the operating system media during recovery, use the Windows Automated Installation Kit to install Windows RE on a separate partition. Use that partition to access Windows Recovery options. For more information about the Windows Automated Installation Kit, see Windows Automated Installation Kit (Windows AIK) (http://go.microsoft.com/fwlink/?LinkId=90643).