Hello everyone Today i would like to show you.
How to restoring Active Directory Domain Services Objects
using Authoritative restore in windows server 2012 R2.
Authoritative restore is a method to recover objects and containers that have deleted for ADDS.
An authoritative restore marks specific data as current and prevents the replication from overwriting
The authoritative data is then replicated throughout the domain.
in lab i have 2 DC 1 PDC and 1 Additional
Ex; i will delete user sale and OU ITs and then restore it using Windows Server backup (Wbadmin)
and NTDSUTIL by cli
1.restart th DC into Directory recovery model ( F8 on the keyboard) or At the command prompt.
"bcdedit /set safeboot dsrepair"
2. Login with .\Administrator and the Directory Services restore Mode (DSRM) password
3. Right Click on safe mode start menu , click Command Prompt.
4.in the command type wbadmin get versions this wll provide you with a view of the image backup
catalogue for your server.
5. to start restore process type wbadmin start systemstaterecovery -version:
starting a system stat recovery operation and this might take a few minute or longer.
Once recovery is finished,you are asked to restart your computer
Do not restart the system.
performing an Authoritative restore .
1. open command prompt (admin) type , ntdsutil Enter
2.type,activate instance ntds. Enter
3.Type,authoritative restore. Enter
4.restore OU ,Type, restore subtree "OU=ITs,DC=contoso,DC=com"
Restore User,Type,restore object "CN=sale,OU=SALEs,DC=contoso,DC=com"
in the command prompt type,bcdedit /deletevalue safeboot
Enjoy bye bye.