Active Directory: Disaster Recovery with a System State Backup Step by Step

Active Directory: Disaster Recovery with a System State Backup Step by Step



This topic discuss a disaster recovery of Active Directory to a virtual machine.  Let's think you got a System State backup and your Domain Controller fail.. whats your next step ? When I tell fail it's not the Operating Software but the hardware itselft. In that kind of scenario, I better tell it's a disaster recovery...

It's not recommended to run a virtual Domain Controller (Things to consider when you host Active Directory domain controllers in virtual hosting environments, Support policy for Microsoft software running in non-Microsoft hardware virtualization software) Please consider those knowledge base's article before doing those steps below.

You need to weight the PRO and CON of doing thoses steps. Sometime re-doing the domain from stracth will be easier and will take less time, but sometime not. (like if you got an Exchange linked to your AD)

This documentation suppose that you got only 1 Domain Controller and that you have nothing more than a system state to restore it (like no clone image) 


Notes

- I am posting the documentation I did some time ago because I found that there is not enougth documention with printscreen, so there is it my documentation :-) 
- My pritnscreen is with ntbackup, but the goal and idea is the same for Win 2008.
- My printscreen is in french for some parts. When I will get time I will update them.
- I switch from hypervisor version during the documentation, it's not a bug, it's two document merged together.

Tips to know

1 - Always do a snapshot before importing the System State.
2 - Do #1.
3 - Server template should be in your "wallet" before making that procedure.
4 - A server template is for me a simple vanilla server that is pre-activated with a license I have. It is configured in a virtual machine and stored away (burned to a DVD, on a USB stick, etc..). It's ready to be put in any computer and ready to make a "Play" on it to recover anything. (Personnal note: I did recover a domain that way and temporally used a receptionnist computer to hold the VM until a new physical's server came fast to replace it)

Know Issues

1 - Having different HAL is a nightmare to recover on different hardware. If your DC is 1 core, then recover it to a 1 core VM and if it's multiple core then restore it to a multiple core VM.
1a - If you don't follow my advice, you might fall on STOP error 0x0000007B bluescreen even if your harddisk hardware is the same. 


Backing up the server

 

Before anything, you need a System-State backup, there is some small step to show you how to do it.

Click the start menu and select "Run" and type ntbackup :


 

Click NEXT with the Wizard option selected :





Select to Save file and Settings : 




Select Let me Choose what to save : 




Select ONLY System-State :




Select to save it to a File, and select where to save it :




Click Finish :




We now wait...





Waiting.. 




Click Close :





Restoring the System State

Start an "vanilla" Windows Server template on a hypservisor. There I choosed VMWare, but the documentation was done some time ago.

Select F8 in the startup and choose Active Directory Restore :




Choose the system to start with :



 
Enter in the system :




Click OK :




Copy the system-state to the VM

Click the startup menu, select Run and type ntbackup :




Click NEXT :




Click Restore Files and settings :




Click BROWSE :




Select your File :




Click OK:




Click System State :




Click Advanced :




Click NEXT :




Click Replace Existing Files :




Chooses thoses options :




Click Finish :




We wait..




Click CLOSE :




CREATE A SNAPSHOT BEFORE RESTARTING

If the HAL differ from the source-destination then try to erase the Processor in the System panel (see below on where to do it)

Re-install the VM tool to be sure it will boot (see below if it don't reboot).




Restart in Active Directory Restore Mode :




In the command prompt, type : ntdsutil <ENTER> authoritative restore <ENTER> restore database <ENTER> 



 
Click YES :




Check if the Restore go well :




Go to that Reg key and put BurFlags=d4




When finished click Restart :




After restarting, be ready for a lot of popup ! but the domain login locally will work now :




After the restart the server is almost done :




You now have to make sure you use the same IP, and that all roles are ok.


If too many drivers are missing

Convert again the virtual machine with vConverter and inject SCSI driver and the VM tool :




Select the Machine Type and location :




Select those options :




Click Finish :


In Case you have a missing DNS MMC


Go in c:\windows\system32 and re-run adminpack.msi :

Now the DNS should popup good :




  

In case of a HAL mismatch

Update your processor information in your control panel :



Final test

Run a dcdiag :






References

  1. How to move a Windows installation to different hardware
  2. HAL options after Windows XP or Windows Server 2003 Setup
  3. Injecting SCSI controller device drivers into Windows when it fails to boot after converting it with VMware Converter
  4. Event ID 16650: The account-identifier allocator failed to initialize in Windows 2000 and in Windows Server 2003 

 

 

 

 

Leave a Comment
  • Please add 1 and 4 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Comments
  • Richard Mueller edited Revision 27. Comment: Removed (en-US) from title, added tag

  • Slickk X X X edited Revision 29. Comment: "Well I tell fail...." Tell Fail doesn't make sense I'm afraid! This is a great article though.

  • Yagmoth555 edited Revision 22. Comment: changing pic to en-US

  • Yagmoth555 edited Revision 23. Comment: updated some pic to en-US

  • Richard Mueller edited Revision 26. Comment: Cleaned up headings in HTML

Page 1 of 1 (5 items)
Wikis - Comment List
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Richard Mueller edited Revision 27. Comment: Removed (en-US) from title, added tag

  • Slickk X X X edited Revision 29. Comment: "Well I tell fail...." Tell Fail doesn't make sense I'm afraid! This is a great article though.

  • Yagmoth555 edited Revision 12. Comment: almost finished, typo to correct later !

  • Yagmoth555 edited Revision 22. Comment: changing pic to en-US

  • Yagmoth555 edited Revision 23. Comment: updated some pic to en-US

  • Richard Mueller edited Revision 26. Comment: Cleaned up headings in HTML

Page 1 of 1 (6 items)