Best Practices for AD DS Backup and Recovery

  • Article

Applies To: Windows Server 2008

Use the following best practices for backing up and recovering Active Directory Domain Services (AD DS):

  • Store operating system files, the Active Directory database (Ntds.dit), and SYSVOL on separate volumes that do not contain other user, operating system, or application data.

  • For domain controllers, perform regular backups of system state data by using the wbadmin start systemstatebackup command. For more information, see Wbadmin start systemstatebackup (https://go.microsoft.com/fwlink/?LinkId=111741).

  • Create a backup volume on a dedicated internal or external hard drive. You cannot use a network shared folder as a backup target for a system state backup. To store a system state backup on a network shared folder, you must use a local volume as the backup target and then copy the backup to the network shared folder.

  • To restore a domain controller, use the wbadmin start systemstaterecovery command. For more information, see Wbadmin start systemstaterecovery (https://go.microsoft.com/fwlink/?LinkID=93337).

  • To avoid having to use the operating system media during recovery, use the Windows Automated Installation Kit to install Windows RE on a separate partition. Use that partition to access Windows Recovery options. For more information about the Windows Automated Installation Kit, see Windows Automated Installation Kit (Windows AIK) (https://go.microsoft.com/fwlink/?LinkId=90643).