pse hlp: Restore W2K3 Active Directory on new Server w/ different Hardware

R

Ralf Demelhuber

Hi there,

i am briefed to migrate a customer system which actually
runs on outdated hardware (HP ML370G1) to new Hardware
(HP ML350G4).
The problem is that i cannot perform the recommended
way of migration (join the new server in the domian,
move the FSMO Roles, demote and erase the old
server...) because i'll have to do the setup of
the new machine w/o having access to the old machine
as it is located in a different location and the live
server ist used until the switch is done to the then
readily-installed new Server (by simply switching the
VPN...). So i'll have to do some kind of AD-only
restore like in a disaster recovery scenario.

Unfortunately this way of AD restoration is not well
documented (in contrast, the move server method is,
indeed...). I tried already to install the new server
in my lab, give it the same name as the live server,
configure DNS the same as the live server and then
do a restore of the latest system state backup on
the new server. The result as expected was a major
bluescreen on first bootup, since the controller/
disk config is different on the two machines. As
stated in some KB article i did a repair install of
the OS and then it booted up but immediately asked
for reactivating the OS. Having restored the registry
as part of the system state, there where many further
problems, mainly caused by software that was installed
on the live server and isn't on the new one. I don't
think that this is a good basis for a newly setup live
system. So now i am looking for a way to just restore
the AD on the new Server, without all the other things
that are among the system state backup file and are not
needed on the new server. The DNS on the live server is
configured as AD integrated, so restoring just AD
should be sufficient.

I also tried to restore the system state backup to an
alternate location on the new server, and then (in AD
restore safe mode) switching the ntds.dit and the log
file from alternate restore location. After rebooting
i got an error 0xc000002e1 DS could be started, and i
must restart the server again to AD restore safe mode.
I even tried to repair AD after switching the files by
using the esentutl /p but no success there.


Is there any way to restore the AD to the new server
that could work in my situation?

Any help would be greatly appreciated.


Regards,

Ralf
 
S

Sam Rakaba [MSFT]

Hello Ralf,

As I understand it the issue you have is that you want to perform a system
state restore on a different hardware. The action followed was correct, but
you might have missed one or two steps in the restore procedure.

Here is an article that will walk you step by step through the entire
restore procedure and repair process.
263532 How to perform a disaster recovery restoration of Active Directory
on a
http://support.microsoft.com/?id=263532

Please note that this is for windows 2000 Server. I believe that you have a
W2K3 Server; if so run DCpromo with the Install from Media feature

311078 How to use the Install from Media feature to promote Windows Server
http://support.microsoft.com/?id=311078

Hope that this would help resolve your issues.

Regards
Sam Rakaba

Get Secure! - www.microsoft.com/security

============================================================================


When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

============================================================================


This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
 
A

Andrei Ungureanu

remember that Install from Media can be used only to install additional
domain controllers ... so you'll need conectivity to an existent DC.

if you need to remove some things from IMF try this:

Reducing the size of system state backups
When a domain controller is located in a domain, or in a forest, that has
many objects, the size of the default system images from the domain
controller may be more than the 650-megabyte (MB) capacity of CDs or the
4-gigabyte-plus capacity of DVDs. A system state backup of an Active
Directory domain controller has five elements: . Active Directory
. The SYSVOL tree
. The Boot.ini file
. The COM+ class registration database
. The registry
Administrators may delete unnecessary elements in the system state backup if
the removable media or the partition that hosts the restored backup does not
contain sufficient free disk space. A system state backup that is restored
to an alternative location has a matching folder name for each element of
the system state backup. The following list indicates whether a system state
backup element is required or whether it can be removed to reduce the backup
on-disk footprint: . Active Directory is required.
. The SYSVOL tree may be optionally removed. (A specific configuration
is required to source the SYSVOL tree during IFM promotion. )
. The Boot.ini file may be removed.
. The COM+ class registration database may be removed.
. The registry folder is required. Registry components are required as
follows: . The Default file in the \Registry folder may be removed.
. The SAM file is required.
. The SECURITY folder is required.
. The SOFTWARE file may be removed.
. The SYSTEM file is required.


Andrei Ungureanu
www.eventid.net



"Sam Rakaba [MSFT]" said:
Hello Ralf,

As I understand it the issue you have is that you want to perform a system
state restore on a different hardware. The action followed was correct,
but
you might have missed one or two steps in the restore procedure.

Here is an article that will walk you step by step through the entire
restore procedure and repair process.
263532 How to perform a disaster recovery restoration of Active Directory
on a
http://support.microsoft.com/?id=263532

Please note that this is for windows 2000 Server. I believe that you have
a
W2K3 Server; if so run DCpromo with the Install from Media feature

311078 How to use the Install from Media feature to promote Windows Server
http://support.microsoft.com/?id=311078

Hope that this would help resolve your issues.

Regards
Sam Rakaba

Get Secure! - www.microsoft.com/security

============================================================================


When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

============================================================================


This posting is provided "AS IS" with no warranties, and confers no
rights.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Restore Windows 2003 DNS from Active Directory NTDS.DIT 3
Active Directory User Accounts 1
Disaster Recovery Active Directory 1
Active directory restore 1
Restoring USer Objects IN Active Directory 1
Backup Active Directory Server 6
restore active directory 2
Restore active directory from backup 2

Top