Share via


snapshot

Applies To: Windows Server 2008

Manages snapshots of the volumes that contain the Active Directory database and log files, which you can view on a domain controller without starting in Directory Services Restore Mode (DSRM). You can also run the snapshot subcommand on an Active Directory Lightweight Directory Services (AD LDS) server.

In the command-line tool Ntdsutil.exe, you can use the snapshot subcommand to manage the snapshots, but you must use Dsamain.exe to expose the snapshot as a Lightweight Directory Access Protocol (LDAP) server. For more information about using Dsamain, see Dsamain.

This is a subcommand of Ntdsutil and Dsdbutil. Ntdsutil and Dsdbutil are command-line tools that are built into Windows Server 2008 and Windows Server 2008 R2. Ntdsutil is available if you have the Active Directory Domain Services (AD DS) or AD LDS server role installed. Dsdbutil is available if you have the AD LDS server role installed. These tools are also available if you install the Active Directory Domain Services Tools that are part of the Remote Server Administration Tools (RSAT). For more information, see How to Administer Microsoft Windows Client and Server Computers Locally and Remotely (https://go.microsoft.com/fwlink/?LinkID=177813).

To use either of these tools, you must run them from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator.

For examples of how to use this command, see Examples.

Syntax

activate instance %s [create] [delete %s] [unmount %s] [list all] [list mounted ] [mount %s] [quit]

Parameters

Parameter Description

activate instance %s

Sets an active instance for the command. You can either specify "ntds" to set AD DS as the active instance or you can specify the name of an AD LDS instance.

create

Creates a snapshot.

delete %s

Deletes a snapshot with globally unique identifier (GUID) %s. Use * to delete all snapshots.

list all

Lists all mounted snapshots. You can run this command to obtain an index number for a mounted snapshot. You can then use the index number, instead of a GUID, to mount or unmount a snapshot.

list mounted

Lists mounted snapshots. You can run this command to obtain an index number for a mounted snapshot. You can then use the index number instead of a GUID to mount or unmount a snapshot.

mount %s

Mounts a snapshot with GUID %s. You can refer to an index number of any mounted snapshot instead of its GUID.

unmount %s

Unmounts a snapshot with GUID %s. Use * to unmount all mounted snapshots.

quit

Returns to the prior menu.

Help

Displays Help for this command.

?

Displays Help for this command.

Remarks

  • Before you can run the snapshot subcommand, you must run the activate instance subcommand in Ntdsutil to set an active instance. For examples of how to set an active instance, see Examples.

  • You are not required to run the snapshot subcommand to use Dsamain.exe. Instead, you can use a backup of the AD DS or AD LDS database or another domain controller or AD LDS server. Running the snapshot subcommand simply provides convenient data input for Dsamain.exe.

  • You should protect snapshots in a manner that is similar to how you protect domain controller backups. For example, use encryption or other data security precautions with AD DS snapshots to help mitigate the chance of unauthorized access to them.

  • When you use Dsamain.exe to expose the data that is contained in a snapshot:

    • All permissions that apply to the data in the snapshot are enforced.

    • By default, only members of the Domain Admins group and the Enterprise Admins group are allowed to view a snapshot because it can contain sensitive AD DS data.

  • Ntdsutil does not correctly handle special characters, such as the apostrophe character ('), that you can enter at the ntdsutil: prompt at the command line. In some situations, there may be an alternative workaround. For more information, see local roles (https://go.microsoft.com/fwlink/?LinkId=157320).

Examples

The following example sets NTDS as the active instance:

ntdsutil: activate instance ntds

The following example is another way to set NTDS as the active instance:

ntdsutil: ac in ntds

The following example mounts a snapshot that has the GUID 8ec8ff74-c0d7-435a-b6b1-54ef185926be:

snapshot: mount {8ec8ff74-c0d7-435a-b6b1-54ef185926be}

The following example unmounts the same snapshot:

snapshot: unmount {8ec8ff74-c0d7-435a-b6b1-54ef185926be}

The following example lists the mounted snapshots:

snapshot: list mounted

Additional references

Command-Line Syntax Key

Dsamain

Dsdbutil

Ntdsutil

authoritative restore

configurable settings

DS behavior

files

group membership evaluation

ifm

LDAP policies

local roles

metadata cleanup

partition management

roles

security account management

semantic database analysis

set DSRM password