Configure Active Directory Backup
Hello,
If you want to be able to restore some Active Directory objects, you need to backup your domain before. Remember, the recycle-bin introduced in 2008 R2 can only restore deleted items, but cannot restore previous state of an existing object. You have a lot of great software for Active Directory backup, but there is also one in the box, Windows Server Backup.
You can create a scheduled job to backup your AD on a regular basis, and then, when you need to make a restoration of an Active Directory object, you can restore one of the previous Active Directory backup, and then tag your item as authoritative to replicate the one from your backup to all of your Domain Controllers.
Configure Active Directory Backup – Install the Feature
First, we need to install this feature :
Install-WindowsFeature -Name Windows-Server-Backup
Once install, you can use wbadmin.exe, or the GUI to create the scheduled job.
Configure Active Directory Backup – GUI
Configure Active Directory Backup – Configure the schedule job
Let’s click on “Backup Schedule” to start configuring our scheduled job.
Click on “Next” to start the wizard :
Configure Active Directory Backup – Schedule Backup Wizard
Select the “custom” backup configuration to allow us to select only a System State backup, without backing all the files and folder of the Domain Controller :
Configure Active Directory Backup – Schedule Backup – Backup Configuration
Click on “Add Items” to pop the list of backup details :
Configure Active Directory Backup – Schedule Backup – Items to backup
Select “System State” to be able to restore granular Active Directory object :
Configure Active Directory Backup – Schedule Backup – System State
Once chosen, you can hit “Next” :
Configure Active Directory Backup – Schedule Backup – System State
Choose the schedule options :
Configure Active Directory Backup – Schedule Backup – Schedule options
Select the destination of the backup. Microsoft recommend a dedicated hard drive, it will allow more possibilities (automatic retention, multiple copies, etc..) :
Configure Active Directory Backup – Schedule Backup – Backup destination
Click on “Show all Available disks” to see on which disk you can store your System State backup :
Configure Active Directory Backup – Schedule Backup – Select Disk
Select the destination disk you want to use, it must be dedicated to backup :
Configure Active Directory Backup – Schedule Backup – Available disk
Tick the case to select this disk, and hit “Next” :
Configure Active Directory Backup – Schedule Backup – Disk Selected
Read the warning carefully, and accept it if you agree (Hint : You do not really have a choice 🙂 )
Configure Active Directory Backup – Schedule Backup – Warning
Review your selection, and hit “Finish” if you’re sure about this :
Configure Active Directory Backup – Schedule Backup – Confirmation
Wait a few minutes for the schedule creation :
Configure Active Directory Backup – Schedule Backup – Wait
And now you’re done, your backup is scheduled !
Configure Active Directory Backup – Schedule Backup 14
Now, your Domain Controller will be backing up it self on the schedule you choose. You may want to do this on several Domain Controllers to improve your Active Directory resiliency.
Can can force a backup based on your scheduled job to run immediately with the “Backup Once…” button.
Configure Active Directory Backup – Check if the job ran
You created the job, now you need to monitor it, and be sure that the job will run on each schedule :
Check the GUI :
Configure Active Directory Backup – Schedule Backup 15
Pingback: Get last Active Directory Backup date - It for DummiesIt for Dummies