You need to perform a non-authoritative restore of the doman controller using an existing backup file

Your company has a domain controller that runs Windows Server 2008. The domain
controller has the backup features installed.
You need to perform a non-authoritative restore of the doman controller using an existing
backup file.
What should you do?

Your company has a domain controller that runs Windows Server 2008. The domain
controller has the backup features installed.
You need to perform a non-authoritative restore of the doman controller using an existing
backup file.
What should you do?

A.
Restart the domain controller in Directory Services Restore Mode and use wbadmin to
restore critical volume

B.
Restart the domain controller in Directory Services Restore Mode and use the backup
snap-in to restore critical volume

C.
Restart the domain controller in Safe Mode and use wbadmin to restore critical volume

D.
Restart the domain controller in Safe Mode and use the backup snap-in to restore critical
volume

Explanation:
Almost identical to B42
http://technet.microsoft.com/en-us/library/cc816627%28v=ws.10%29.aspx
Performing Nonauthoritative Restore of Active Directory Domain Services
A nonauthoritative restore is the method for restoring Active Directory Domain Services (AD
DS) from a system state, critical-volumes, or full server backup. A nonauthoritative restore
returns the domain controller to its state at the time of backup and then allows normal
replication to overwrite that state with any changes that occurred after the backup was taken.
After you restore AD DS from backup, the domain controller queries its replication partners.
Replication partners use the standard replication protocols to update AD DS and associated
information, including the SYSVOL shared folder, on the restored domain controller.
You can use a nonauthoritative restore to restore the directory service on a domain
controller without reintroducing or changing objects that have been modified since the
backup. The most common use of a nonauthoritative restore is to reinstate a domain
controller, often after catastrophic or debilitating hardware failures. In the case of data
corruption, do not use nonauthoritative restore unless you have confirmed that the problem
is with AD DS.
Nonauthoritative Restore Requirements You can perform a nonauthoritative restore from
backup on a Windows Server 2008 system that is a standalone server, member server, or
domain controller.
On domain controllers that are running Windows Server 2008, you can stop and restart AD
DS as a service. Therefore, in Windows Server 2008, performing offline defragmentation and
other database management tasks does not require restarting the domain controller in
Directory Services Restore Mode (DSRM). However, you cannot perform a nonauthoritative
restore after simply stopping the AD DS service in regular startup mode. You must be able to
start the domain controller in Directory Services Restore Mode (DSRM). If the domain
controller cannot be started in DSRM, you must first reinstall the operating system.
To perform a nonauthoritative restore, you need one of the following types of backup for your
backup source:
System state backup: Use this type of backup to restore AD DS. If you have reinstalled the
operating system, you must use a critical-volumes or full server backup. If you are restoring
a system state backup, use the wbadmin start systemstaterecovery command.
Critical-volumes backup: A critical-volumes backup includes all data on all volumes that
contain operating system and registry files, boot files, SYSVOL files, or Active Directory files.
Use this type of backup if you want to restore more than the system state. To restore a
critical-volumes backup, use the wbadmin start recovery command.
Full server backup: Use this type of backup only if you cannot start the server or you do not
have a system state or critical-volumes backup. A full server backup is generally larger than
a critical-volumes backup.
Restoring a full server backup not only rolls back data in AD DS to the time of backup, but it
also rolls back all data in all other volumes. Rolling back this additional data is not necessary
to achieve nonauthoritative restore of AD DS.



Leave a Reply 0

Your email address will not be published. Required fields are marked *

ten + 20 =