SYStem State win2003

D

Darren D

P.S - I perform daily sytem state backups

On one of my DC's I have a copy of CA running. Then let assume my CA
databse become corrupted and I need to restore the database . I read that I
should perform a non-auth restore on this DC.. but I am a bit confuse I
thought that my corruped CA database will be replicated to other domain
controllers assuming replication has taken place.. ...So if I perform a
non-auth restore then my restore will be overwitten by a corruped CA copy
from the other DC .. Is this correct?
The only reason I can think why I would perform a non-auth restore is that
the CA database is not being replicated ONLY the A/D database.. Is this
corect.. ??

The system state contains , boot file systems file etc and a copy of A/D
database, is it correct to say that ONLY component that gets replicated
among DC controllers is the A/D database..

Thanks
Darren
 
L

Laura A. Robinson [MVP]

circa Sat, 4 Sep 2004 15:23:25 -0400, in
microsoft.public.win2000.active_directory, Darren D
([email protected]) said,
P.S - I perform daily sytem state backups

On one of my DC's I have a copy of CA running.
Click to expand...

CA what? (Sorry, I'm slow today)

Laura
 
E

Enkidu

P.S - I perform daily sytem state backups

On one of my DC's I have a copy of CA running. Then let assume my CA
databse become corrupted and I need to restore the database . I read that I
should perform a non-auth restore on this DC.. but I am a bit confuse I
thought that my corruped CA database will be replicated to other domain
controllers assuming replication has taken place.. ...So if I perform a
non-auth restore then my restore will be overwitten by a corruped CA copy
from the other DC .. Is this correct?
The only reason I can think why I would perform a non-auth restore is that
the CA database is not being replicated ONLY the A/D database.. Is this
corect.. ??

The system state contains , boot file systems file etc and a copy of A/D
database, is it correct to say that ONLY component that gets replicated
among DC controllers is the A/D database..
Click to expand...
Assuming that you really did want to roll the AD back to the last
backup, you need to:
a) Take the server offline
b) go into AD Restore Mode.
c) Perform a *NON* authoratitve restore. Don't reboot.
d) Mark those bits of AD that you want to keep authoratative (in your
case all),
e) Reboot and connect to the network.

Then the restored AD stuff will replicate to the other DCs.

BUT.... you don't want to do that. You want to do this:

http://support.microsoft.com/default.aspx?scid=kb;en-us;313272&sd=tech

From memory, CA services are backed up with system state. That
includes all the AD stuff, so if you restore System state, you do NOT
want to do an authoratative restore, I think.

Cheers,

Cliff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

authoritative restore 2
Problems after Restore System State 25
fix a journal wrap without a restore? 2
Does AD Restore Always Require a System State Restore to Original Location?? 1
procedure required for complete active directory restore to aprevious state 9
error raise domain function from win2000 to win2003 0
Certificate authrorty server 1
Authoritative vs Nonauthoritative restore 6

Top