Recovering from a Disaster in an Exchange Server 2010 Environment : Recovering Active Directory

2/12/2011 3:09:33 PM

Recovering Internet Information Services

When Internet Information Services (IIS) data is erased or the service is not functioning as desired, restoring the configuration might be necessary. Backup and restore of IIS configurations is simpler than ever in Windows 2008. To restore the IIS 7 configuration, perform the following step:

1. From a command prompt, type %windir%\system32\inetsrv\appcmd.exe restore backup "My Backup".

This assumes that you’ve taken backups of IIS by using %windir%\system32\inetsrv\appcmd.exe add backup "My Backup".

Recovering IIS Data and Logs

IIS web and FTP folders are stored in the C:\InetPub\ directory. The default location for the IIS logs is C:\Windows\system32\LogFiles. To recover the IIS website, FTP site, or IIS logs, restore the files using either shadow copy data or a backup/restore tool such as Ntbackup.exe.

Recovering Windows Server 2008 Domain Controllers

When a Windows Server 2008 domain controller fails, the administrator needs to either recover this server or understand how to completely and properly remove this domain controller from the domain. The following are some questions to consider:

  • Did this domain controller host any of the domain or forest Flexible Single Master Operations (FSMO) roles?

  • Was this domain controller a global catalog (GC) server, and, if so, was it the only GC in a single Active Directory site?

  • If the server failed because of Active Directory corruption, has the corruption been replicated to other domain controllers?

  • Is this server a replication hub or bridgehead server for Active Directory site replication?

Using the preceding list of questions, the administrator can decide how best to deal with the failure. For example, if the failed domain controller hosted the PDC emulator FSMO role, the server could be restored or the FSMO role could be manually seized by a separate domain controller. If the domain controller was the bridgehead server for Active Directory site replication, recovering this server might make the most sense so that the desired primary replication topology remains intact. The administrator should recover a failed domain controller as any other server would be recovered: restore the OS from an ASR restore, or build a clean server, restore the System State, and perform subsequent restores of local drive data as necessary.
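The first two questions can be answered from a surviving domain controller with netdom and dsquery. The following PowerShell sketch is an added example, not part of the original article: the function name Get-DcFailureImpact, the site names, and the sample outputs are constructed, and the output layouts of the two commands are assumed to be as shown.

```powershell
# Added example, not from the original article. Sample outputs and the
# site names (HQ, Branch) are constructed for a dry run off the server.
function Get-DcFailureImpact {
    param([string]$FailedDc, [string[]]$FsmoLines, [string[]]$GcDns)

    # "netdom query fsmo" prints "<role>   <holder FQDN>" on each line.
    $roles = foreach ($l in $FsmoLines) {
        if ($l -match '^(.+?)\s{2,}(\S+)\s*$' -and
            $Matches[2].Split('.')[0] -ieq $FailedDc) { $Matches[1] }
    }

    # "dsquery server -forest -isgc" prints one server DN per GC; the site
    # is the container two levels above the server object.
    $gcs = foreach ($dn in $GcDns) {
        if ($dn -match '^"?CN=([^,]+),CN=Servers,CN=([^,]+),CN=Sites') {
            New-Object psobject -Property @{ Server = $Matches[1]; Site = $Matches[2] }
        }
    }
    $mine = $gcs | Where-Object { $_.Server -ieq $FailedDc } | Select-Object -First 1
    $only = $false
    if ($mine) {
        $only = @($gcs | Where-Object { $_.Site -ieq $mine.Site }).Count -eq 1
    }
    New-Object psobject -Property @{
        FsmoRoles = @($roles); IsGlobalCatalog = [bool]$mine; OnlyGcInSite = $only
    }
}

# Constructed sample of: netdom query fsmo
$fsmo = @'
Schema master               server2.companyabc.com
Domain naming master        server2.companyabc.com
PDC                         server1.companyabc.com
RID pool manager            server1.companyabc.com
Infrastructure master       server2.companyabc.com
The command completed successfully.
'@ -split '\r?\n'

# Constructed sample of: dsquery server -forest -isgc
$gc = @(
    '"CN=SERVER1,CN=Servers,CN=Branch,CN=Sites,CN=Configuration,DC=companyabc,DC=com"'
    '"CN=SERVER2,CN=Servers,CN=HQ,CN=Sites,CN=Configuration,DC=companyabc,DC=com"'
)

Get-DcFailureImpact -FailedDc server1 -FsmoLines $fsmo -GcDns $gc | Format-List
# Replication health and bridgeheads, also from a surviving DC:
#   repadmin /replsummary ; repadmin /bridgeheads
```

With the sample data, server1 holds the PDC and RID pool manager roles and is the only global catalog in its site, so both role seizure and GC placement have to be planned before the server is written off.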

Recovering Active Directory

When undesired changes are made in Active Directory or the Active Directory database is corrupted on a domain controller, recovering the Active Directory database might be necessary. Restoring Active Directory can seem like a difficult task, unless frequent backups are performed and the administrator understands all the restore options.

The Active Directory Database

The Active Directory database contains all the information stored in Active Directory. The global catalog information is also stored in this database. The actual filename is ntds.dit and, by default, is located in C:\Windows\NTDS\. When a domain controller is restored from server failure, the Active Directory database is restored with the System State. If no special steps are taken when the server comes back online, it will ask any other domain controllers for a copy of the latest version of the Active Directory database. This situation is called a nonauthoritative restore of Active Directory.

When a change in Active Directory needs to be rolled back or the entire database needs to be rolled back across the enterprise or domain, an authoritative restore of the Active Directory database is necessary. Recovery of this type is a combination of two events: first, a system state restore of the domain controller, followed by NTDSUTIL commands to tell the newly restored information to overwrite existing information in the directory.

To perform an authoritative restore of the Active Directory database, follow these steps:

1. Log on to the Windows Server 2008 system with an account with administrator privileges.

2. Click Start, click All Programs, click Administrative Tools, and select System Configuration.

3. Select the Boot tab. In the Boot Options section, check the Safe Boot check box, select the Active Directory Repair option button, and then click OK.

4. The System Configuration utility asks for a reboot. If there are no additional tasks to perform, click the Restart button to boot the system into Directory Services Restore Mode (DSRM).

5. When the system completes a reboot, log on as administrator with the DSRM password. Make sure to specify the local server as the logon domain—for example, server1\administrator instead of companyabc\administrator.

6. Click Start, click All Programs, click Accessories, and select Command Prompt.

7. At the command prompt, type wbadmin get versions and press Enter. This returns a list of the known backups. The most recent backup is the last one listed.

8. In the Command Prompt window, select the desired backup version that can recover the System State by highlighting the version identifier and pressing Enter to store the version name on the Clipboard. For this example, use the version identifier of 02/02/2009-17:00.

9. If the System State is restored to recover Active Directory, in the Command Prompt window, type wbadmin start systemstaterecovery -version:02/02/2009-17:00 and press Enter.

10. If the System State is being recovered to recover the SYSVOL, in the Command Prompt window, type wbadmin start systemstaterecovery -version:02/02/2009-17:00 -authsysvol and press Enter.

11. If the command was entered properly, a confirmation will be required to start the System State recovery. Type Y to accept the System State recovery, and press Enter to start the System State recovery process.

12. The System State recovery will take several minutes to complete. Do not reboot.

13. If an authoritative restore of Active Directory objects is required, perform that task now as outlined in the following section. If an authoritative restore of Active Directory objects is not required, click Start, click Administrative Tools, and select System Configuration.

14. Select the Boot tab. In the Boot Options section, uncheck the Safe Boot check box, and click OK to save the settings.

15. Reboot the domain controller into normal Boot mode.

16. After the system reboots, verify functionality. If everything is working fine, perform a full backup.
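The same procedure can be driven from the command line, which helps when the restore is run from a written runbook. The PowerShell below is an added example, not part of the original article: it picks the newest version identifier that can recover System State from a wbadmin get versions listing and prints the commands for each phase without running them. The function name Select-SystemStateVersion and the sample listing are constructed, and the listing layout is an assumption.

```powershell
# Added example, not from the original article. Nothing here changes the
# system: it parses a listing and prints the commands to run by hand.

# Pick the newest backup version that can recover System State from the
# text printed by "wbadmin get versions".
function Select-SystemStateVersion {
    param([string[]]$Lines)
    $current = $null
    $found = @()
    foreach ($line in $Lines) {
        if ($line -match '^\s*Version identifier:\s*(\S+)') {
            $current = $Matches[1]
        } elseif ($current -and $line -match '^\s*Can recover:.*System State') {
            $found += $current
            $current = $null
        }
    }
    if ($found.Count -eq 0) { throw 'No listed backup can recover System State.' }
    $found[-1]   # the article notes that the most recent backup is listed last
}

# Constructed sample listing (assumed layout); on the DC use: wbadmin get versions
$sample = @'
Backup time: 2/1/2009 5:00 PM
Version identifier: 02/01/2009-17:00
Can recover: Volume(s), File(s)

Backup time: 2/2/2009 5:00 PM
Version identifier: 02/02/2009-17:00
Can recover: Application(s), System State
'@ -split '\r?\n'

$version = Select-SystemStateVersion -Lines $sample

# Command-line equivalent of the procedure, in order. Switches are typed
# with a plain hyphen.
@(
    'bcdedit /set safeboot dsrepair      # steps 2-3: Safe Boot, Active Directory Repair'
    'shutdown /r /t 0                    # step 4: restart into DSRM'
    "wbadmin start systemstaterecovery -version:$version"
    "wbadmin start systemstaterecovery -version:$version -authsysvol   # only when recovering SYSVOL"
    'bcdedit /deletevalue safeboot       # step 14: clear Safe Boot'
    'shutdown /r /t 0                    # step 15: restart into normal mode'
)
```

The first backup in the sample is skipped because its "Can recover" line does not include System State, so the script selects 02/02/2009-17:00.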

When Active Directory has been modified and needs to be restored to a previous state, and this rollback needs to be replicated to all domain controllers in the domain and possibly the forest, an authoritative restore of Active Directory is required. An authoritative restore of Active Directory can include the entire Active Directory database, a single object, or a container, such as an organizational unit including all objects previously stored within the container. To perform an authoritative restore of Active Directory, perform the System State restore of a domain controller as described above. When it finishes, do not reboot; instead, perform these additional steps:

1. Open a command prompt on the domain controller that is running in DSRM and has just completed a System State recovery, but has not yet