AD 林恢复-Windows Server 2003 恢复AD Forest Recovery - Windows Server 2003 Recovery

适用于: Windows Server 2003Applies To: Windows Server 2003

本主题包括运行 Windows Server 2003 的域控制器 (Dc) 的林恢复过程。This topic includes forest recovery procedures for domain controllers (DCs) that run Windows Server 2003. 林恢复的一般过程与 Windows Server 2003 Dc 没有任何不同,但特定的过程可能因不同的工具而有所不同。The general process for forest recovery is no different with Windows Server 2003 DCs, but specific procedures can differ because of different tools. 例如,可以使用 Ntdsutil.exe 来备份和还原运行 Windows Server 2003 Dc 的 Dc,而 Windows Server 备份或 Wbadmin.exe 用于运行 Windows Server 2008 或更高版本的 Dc。For example, Ntdsutil.exe can be used to backup and restore DCs that run Windows Server 2003 DCs, whereas Windows Server Backup or Wbadmin.exe is used for DCs that run Windows Server 2008 or later.

备份系统状态数据Backing up the System State data

使用以下过程来备份系统状态数据,以及你为当前备份操作选择的、运行 Windows Server 2003 的 DC 的任何其他数据。Use the following procedure to back up the System State data, along with any other data you have selected for the current backup operation, of a DC that runs Windows Server 2003. Windows Server 2003 包含了 Ntbackup 工具,你可以使用它来备份系统状态数据。Windows Server 2003 includes the Ntbackup tool, which you can use to back up System State data.

管理员备份操作员 的成员身份或同等身份是备份文件和文件夹所需的最低要求。Membership in Administrators or Backup Operators , or equivalent, is the minimum required to back up files and folders.

如果要将系统状态数据备份到磁带,并且备份程序指示没有未使用的媒体,则可能必须使用可移动存储。If you are backing up the System State data to a tape, and the Backup program indicates that there is no unused media available, you might have to use Removable Storage. 这会将磁带添加到可用媒体池,以便备份能够使用。This adds your tape to the free media pool so that Backup can use it.

只能备份本地计算机上的系统状态数据。You can only back up the System State data on a local computer. 不能在远程计算机上备份。You cannot back it up on a remote computer.

若要备份运行 Windows Server 2003 的域控制器上的系统状态数据To back up the System State data on a domain controller that runs Windows Server 2003

  1. 单击 " 开始 ",指向 " 所有程序 ",指向 " 附件 ",指向 " 系统工具 ",然后单击 " 备份 "。Click Start , point to All Programs , point to Accessories , point to System Tools , and then click Backup .
  2. 欢迎 页上,单击 " 高级模式 "。On the Welcome page, click Advanced Mode .
  3. 在 " 备份 " 选项卡上,选中要备份的任何驱动器、文件夹或文件的复选框。On the Backup tab, select the check box for any drive, folder, or file that you want to back up.
  4. 选中 " 系统状态 " 复选框。Select the System State check box.
  5. 单击 " 开始备份 "。Click Start Backup .

执行非权威还原Performing a nonauthoritative restore

使用以下过程执行运行 Windows Server 2003 的 DC 的非权威还原。Use the following procedure to perform a nonauthoritative restore of a DC that runs Windows Server 2003. 通过在 Windows Server 2003 中的 Active Directory 上执行非权威还原,你将自动执行 SYSVOL 的非权威还原。By performing a nonauthoritative restore on Active Directory in Windows Server 2003, you automatically perform a nonauthoritative restore of SYSVOL. 无需执行其他步骤。No additional steps are required.

备注

如果你还在重新安装 Windows Server 2003 操作系统,则你可能或不能将计算机加入到域中,并且你可以在安装操作系统的过程中为计算机指定任何名称。If you are also reinstalling the Windows Server 2003 operating system, you might or might not join the computer to the domain and you can give any name to the computer during setup of the operating system. 不要安装 Active Directory。Do not install Active Directory. 重新安装操作系统后,请直接执行步骤4。After reinstalling the operating system, go directly to step 4.

在仅还原了系统状态数据的 Windows Server 2003 域控制器上,还需要在恢复前重新安装在 Dc 上运行的所有软件应用程序。On Windows Server 2003 domain controllers where you have restored only system state data, you need to also reinstall any software applications that were running on DCs before recovery. 还原域中第一个 DC 上的 AD DS 也会还原注册表,因为它们都属于系统状态数据。Restoring AD DS on the first DC in the domain also restores the registry because they both are part of System State data. 如果在这些 Dc 上运行任何应用程序,并且这些应用程序的任何信息存储在注册表中,请记住这一点。Keep this in mind if you had any applications running on these DCs and if they had any information stored in the registry.

若要节省重新安装软件所需的时间,请确定是否需要在 Dc 上安装的应用程序与虚拟 DC 克隆兼容。To save time required to re-install software, determine if applications that need to be installed on the DCs are compatible with virtual DC cloning. 此类应用程序可以在克隆之前安装在源 DC 上,以节省在克隆的虚拟 Dc 上安装这些应用程序所需的时间和精力。Such applications can be installed on the source DC prior to cloning in order to save the time and effort required to install them on the cloned virtual DCs.

执行非权威还原To perform a nonauthoritative restore

  1. 启动 DC 后,按 F8 以目录服务还原模式 (DSRM) 重新启动计算机。After you start the DC, press F8 to restart the computer in Directory Services Restore Mode (DSRM).
  2. 选择 " 目录服务还原模式" (仅) Windows 域控制器Select Directory Services Restore Mode (Windows domain controllers only) .
  3. 选择要在还原模式下启动的操作系统。Select the operating system that you want to start in restore mode.
  4. 以管理员身份登录 (您只能使用本地计算机帐户,) 没有域登录选项可用。Log on as an administrator (you can only use a local computer account, no domain logon option is available).
  5. 在命令提示符下,键入 ntbackup ,然后按 enter。At a command prompt, type ntbackup , and then press ENTER.
  6. 欢迎 页上,单击 " 高级模式 ",然后选择 " 还原和管理媒体 " 选项卡。 (不选择 " 还原向导 "。 ) On the Welcome page, click Advanced Mode , and then select the Restore and Manage Media tab. (Do not select Restore Wizard .)
  7. 选择要从中还原的相应备份文件,并确保选中 " 系统磁盘 " 和 " 系统状态 " 复选框。Select the appropriate backup file to restore from and ensure that the System disk and System State check boxes are selected.
  8. 单击 “开始还原”Click Start Restore .
  9. 还原操作完成后,重新启动计算机。When the restore operation is complete, restart the computer.

使用以下过程在运行 Windows Server 2003 的 DC 上执行权威 (也称为主) 还原 SYSVOL。Use the following procedure to perform an authoritative (also known as primary) restore of SYSVOL on a DC that runs Windows Server 2003. 仅在域中还原的第一个 Windows Server 2003 DC 上执行此过程。Perform this procedure only on the first Windows Server 2003 DC that is restored in the domain.

执行 SYSVOL 的权威还原To perform an authoritative restore of SYSVOL

  1. 执行上一过程中的步骤1到步骤8。Perform steps 1 through 8 in the previous procedure.

  2. 在 " 确认还原 " 对话框中,单击 " 高级 "。In the Confirm Restore dialog box, click Advanced .

  3. 若要对 SYSVOL 执行权威还原,请在 还原复制的数据集时选中此复选框,将还原的数据标记为所有副本的主数据To perform an authoritative restore of SYSVOL, select the check box When restoring replicated data sets, mark the restored data as the primary data for all replicas .

    备注

    将还原的数据标记为备份中的主数据等效于在以下注册表子项下将 BurFlags 项设置为 D4:Marking the restored data as the primary data in the Backup is equivalent to setting the BurFlags entry to D4 under the following registry subkey:

    *HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Cumulative Replica Sets\**GUID*HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Cumulative Replica Sets\ GUID

  4. 还原操作完成后,重新启动计算机。When the restore operation is complete, restart the computer.

安装和配置 DNS 服务器服务Install and configure the DNS Server service

如果从备份还原的 DC 正在运行 Windows Server 2003,则你可以安装 DNS 服务器而不将 DC 连接到任何网络。If the DC that you restored from backup is running Windows Server 2003, you can install DNS server without connecting the DC to any network.

安装和配置 DNS 服务器服务To install and configure the DNS Server service

  1. 打开 Windows 组件向导。Open Windows Components Wizard. 打开向导:To open the wizard:

    • 依次单击“开始” 、“控制面板” ,然后单击“添加或删除程序” 。Click Start , click Control Panel , and then click Add or Remove Programs .
    • 单击 " 添加/删除 Windows 组件 "。Click Add/Remove Windows Components .
  2. 在 " 组件 " 中,选中 " 网络服务 " 复选框,然后单击 " 详细信息 "。In Components , select the Networking Services check box, and then click Details .

  3. 在 " 网络服务" 的子组件 中,选择 " 域名系统 (DNS) " 复选框,单击 "确定 ",然后单击 " 下一步 "。In Subcomponents of Networking Services , select the Domain Name System (DNS) check box, click OK , and then click Next .

  4. 如果系统提示,请在 " 复制文件 " 中键入分发文件的完整路径,然后单击 "确定"If you are prompted, in Copy files from , type the full path of the distribution files, and then click OK .

    安装完成后,请完成以下步骤以配置 DNS 服务器。After the installation, complete the following steps to configure the DNS server.

  5. 单击 " 开始 ",指向 " 所有程序 ",指向 " 管理工具 ",然后单击 " DNS "。Click Start , point to All Programs , point to Administrative Tools , and then click DNS .

  6. 为在关键故障发生之前在 DNS 服务器上托管的相同 DNS 域名创建 DNS 区域。Create DNS zones for the same DNS domain names that were hosted on the DNS servers before the critical malfunction. 有关详细信息,请参阅添加正向查找区域 (https://go.microsoft.com/fwlink/?LinkId=74574) 。For more information, see Add a Forward Lookup Zone (https://go.microsoft.com/fwlink/?LinkId=74574).

  7. 配置在发生严重故障之前存在的 DNS 数据。Configure the DNS data as it existed before the critical malfunction. 例如:For example:

  8. 请确保父 DNS 区域包含 (name server (NS) 和胶水主机的委派资源记录 (在此 DNS 服务器上托管的子区域的) 资源记录。Ensure that the parent DNS zone contains delegation resource records (name server (NS) and glue host (A) resource records) for the child zone that is hosted on this DNS server. 有关详细信息,请参阅 () 创建区域委派 https://go.microsoft.com/fwlink/?LinkId=74562For more information, see Create a Zone Delegation (https://go.microsoft.com/fwlink/?LinkId=74562).

  9. 配置 DNS 之后,在命令提示符下,键入以下命令,然后按 ENTER:After you configure DNS, at the command prompt, type the following command, and then press ENTER:

    net stop netlogonnet stop netlogon

  10. 键入以下命令,然后按 Enter:Type the following command, and then press ENTER:

    net start netlogonnet start netlogon

    备注

    Net Logon 将为此 DC 在 DNS 中注册 DC 定位器资源记录。Net Logon will register the DC Locator resource records in DNS for this DC. 如果在子域中的某个服务器上安装 DNS 服务器服务,此 DC 将不能立即注册其记录。If you are installing the DNS Server service on a server in the child domain, this DC will not be able to register its records immediately. 这是因为它当前在恢复过程中是隔离的,其主 DNS 服务器是目录林根 DNS 服务器。This is because it is currently isolated as part of the recovery process, and its primary DNS server is the forest root DNS server. 请将此计算机配置为与灾难之前相同的 IP 地址,以避免 DC 服务查找失败。Configure this computer with the same IP address as it had before the disaster to avoid DC service lookup failures.

后续步骤Next Steps