Restoring Active Directory in Windows 2000 Server is a very important part of your recovery strategy. Too many administrators ignore this part and rely on backups. The backup is of no value to you if you can't use it to restore the machine. Failed tapes and corrupted data can cause a lot of problems, so be sure to "practice" restoring to make sure you can do it when you really need to.
Active Directory supports two kinds of restores: normal restore (also called non-authoritative restore) and authoritative restore. To restore Active Directory using non-authoritative restore, you have to reboot your domain controller in the Directory Services Restore mode and log on using your special administrative account. You do this by pressing [F8] on the boot menu and selecting Directory Services Restore.
You have to reboot in this mode because you can't do an online restore. In other words, all services that are using Active Directory must not be running. Then you have to run the Backup utility and restore System State data. Restoring is as easy as creating a backup -- all you have to do is to follow the onscreen wizards.
After you restore the System State, reboot the domain controller again. Windows 2000 Server will now run a consistency check and re-index the Active Directory. It will also get any updates from replication partners that occurred since the backup was performed.
Miss a column?
Check out the Windows 2000 Server archive, and catch up on the all the Windows 2000 Server columns.
Want more Windows 2000 Server tips and tricks? Automatically sign up for our free Windows 2000 Server newsletter, delivered each Tuesday!