Backing Up Active Directory

This section describes how to back up Active Directory using the Microsoft Windows 2000 backup and restore tool, Backup. Backup is a system tools accessory in the GUI. You can also access Backup at the command prompt by typing Ntbackup . This tool is used to back up and restore Active Directory (as well as other services) so that you can restore data or system components in the event of some unforeseen or inadvertent failure. Specifically, the Backup tool allows you to back up and restore the following:

  • Entire server

  • Selected files

  • System State data

As mentioned earlier in this chapter, the System State data includes Active Directory and all other system components and services on which Active Directory is dependent. On a Windows 2000 domain controller, the System State data encompasses the system startup files, system registry, COM+ class registration database, File Replication service (the SYSVOL directory), Certificate Services database (if it is installed), Domain Name System (if it is installed), Cluster service (if it is installed) and Active Directory. The DNS data includes DNS zone information that is Active Directory–integrated. The Cluster service data includes any registry checkpoints and the quorum log, which contains the most recent cluster database information. Active Directory includes the following files:

  • Ntds.dit . The Active Directory database.

  • Edb.chk . The checkpoint file.

  • Edb*.log . The transaction logs; each 10 megabytes (MB) in size.

  • Res1.log and Res2.log . Reserved transaction logs.

note-icon Note

By default, Active Directory is located in the directory Winnt\Ntds. However, you can designate a different location when you promote a server to a domain controller.

The Backup tool has a Backup wizard that guides you through the backup process, or you can use the GUI to manually complete the process. Procedures for backing up the System State data are described below.

To back up System State data using the Backup Wizard

  1. From the Start menu, click Run , and then type Ntbackup .

  2. On the Tools menu, click Backup Wizard .

  3. Click Next , click Only back up the System State data , and then click Next .

  4. Designate where you want to save the System State data, click Next , and then click Finish .

  5. When you are done setting options, click Finish .

You can also set advanced backup options using the Backup Wizard by clicking Advanced on the final wizard screen. This allows you to set or configure several parameters, including: data verification, hardware compression, media labels, whether you want the backup job appended to a previous job, and whether you want to schedule the backup to run unattended at another time. Data verification is particularly useful. If you choose this option, Backup checks to see whether there are differences between the files it backed up from the domain controller and those copied to the backup media. The results of the verification are reported in the Event Viewer. If there are differences in the files, the event type is "Error." Otherwise, the event type is "Information." For more information about errors that might be encountered while creating a backup, see Microsoft Platform SDK link on the Web Resources page at http://windows.microsoft.com/windows2000/reskit/webresources . For more information about how to use the Backup tool, including information about backup options, see the Windows 2000 Server Help.

important-icon Important

For full disaster recovery, back up all of the drives and the System State data. You can do this by running the Backup tool and choosing Back up everything on my computer on the What to Back Up screen from Backup Wizard .

To back up System State data manually by using the GUI

  1. From the Start menu, click Run , and then type Ntbackup .

  2. On the Backup tab, under Click to select the check box for any drive, folder, or file that you want to back up , click the check box next to System State . System State appears in the tree view under My Computer .

  3. In the Backup destination box, choose File or the type of media you want to use to save the System State data.

  4. In the Backup media or file name box, choose a file name or a tape name that you want to use to save the System State data.

  5. Click Start Backup , edit any backup job information that you want to, and then click Start Backup again.

Note the following when using the Backup tool to back up System State data and other files:

  • You must be an Administrator or Backup Operator to back up the System State data.

  • System State data does not contain Active Directory unless the server on which you're backing up System State is a domain controller.

  • You can back up System State data by itself, or you can back up System State data with other files as part of your regular backup procedures.

  • You can back up System State data to a disk, tape, or a network share while the domain controller is online .

  • If you're backing up to tape, you might have to use Removable Storage to add a tape to the Backup media pool or else the tape will not be available for Backup to use.

important-icon Important

Because the Backup tool only supports local backups of Active Directory, you must perform a backup on every domain controller in the enterprise to entirely back up Active Directory. (Active Directory cannot be backed up on a remote computer.) This is a limitation of the Windows 2000 Backup tool; many third-party backup programs remotely back up and restore Active Directory.

For more information about resolving problems encountered during backup and about using Event Viewer, see "Active Directory Diagnostics, Troubleshooting, and Recovery" in this book.

Show: