Performing a Nonauthoritative Restore of a Domain Controller
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
A nonauthoritative restore is the default method for restoring Active Directory. To perform a nonauthoritative restore, you must be able to start the domain controller in Directory Services Restore Mode. After you restore the domain controller from backup, replication partners use the standard replication protocols to update Active Directory and associated information on the restored domain controller.
A nonauthoritative restore returns the domain controller to its state at the time of backup and then allows normal replication to overwrite that state with any changes that occurred after the backup was taken. After you restore the system state, the domain controller queries its replication partners. The replication partners replicate any changes to the restored domain controller, ensuring that the domain controller has an accurate and updated copy of the Active Directory database.
A nonauthoritative restore allows the entire directory to be restored on a domain controller, without reintroducing or changing objects that have been modified since the backup. The most common use of a nonauthoritative restore is to bring an entire domain controller back, often after catastrophic or debilitating hardware failures. It is uncommon for data corruption to drive a nonauthoritative restore, unless the corruption is local and the database cannot be successfully loaded.
If you intend to restore a deleted object (or objects), see Performing an Authoritative Restore of Active Directory Objects.
You can perform a nonauthoritative restore on a Windows Server 2003 system that is a stand-alone server, member server, or domain controller. You must start a server in Directory Services Restore Mode to perform a nonauthoritative restore.
Note
By performing a nonauthoritative restore on Active Directory, you automatically perform a nonauthoritative restore of the system volume (SYSVOL); no additional steps are required.
Task requirements
The following tool is required to perform the procedures for this task:
- NTBackup.exe
To complete this task, perform the following procedures:
Restart the domain controller in Directory Services Restore Mode by using one of the following methods:
Restart the domain controller in Directory Services Restore Mode locally
Restart the domain controller in Directory Services Restore Mode Remotely
Note
In cases in which you have to reinstall the operating system, before you restore the directory, you do not have to perform a nonauthoritative restore in Directory Services Restore Mode. After you reinstall the operating system, you can perform a restore after the computer boots normally.
See Also
Concepts
Performing an Authoritative Restore of Active Directory Objects
Enable Remote Desktop
Create a Remote Desktop Connection