Introduction
The Active Directory Domain Services (AD DS) server role provides the authentication and authorization service for your on-premises infrastructure. AD DS service failure or degraded performance can have an immediate and severe impact on your network services. Consequently, it’s important that you know how to troubleshoot this critical service. For example, suppose you open the Active Directory Administrative Center and fine that some recently created users are missing. Or maybe changes that a colleague has made to Group Policy are not replicating across your infrastructure. It’s also important to consider that it’s common now for organizations to integrate their on-premises environment to cloud SaaS apps, such as Microsoft 365. If your users are connecting to Microsoft 365 apps, such as Microsoft Teams, then you’ll need to configure integration and synchronization between AD DS and Microsoft Entra ID. Proper configuration enables seamless single sign-on (SSO). However, this integration must be carefully considered, and features such as self-service password reset (SSPR) with writeback should be in-place.
In this module, you’ll learn how to restore deleted objects from AD DS. You’ll also learn how to recover the AD DS database when necessary. This module also provides guidance on how to troubleshoot hybrid authentication issues.
In this module, you will:
Recover objects in AD DS
Recover the AD DS database
Troubleshoot AD DS replication and SYSVOL
Troubleshoot Hybrid authentication problems
Learning objectives
Recover the AD DS database, objects in AD DS, and SYSVOL
Troubleshoot AD DS replication
Troubleshoot Hybrid authentication issues
Prerequisites
To get the best learning experience from this module, you should have:
Working knowledge of common Windows Server management tools.
Some experience of typical Windows Server workloads.
Basic knowledge of Windows PowerShell.