Correctly backing up and ensuring full recoverability of Active Directory (AD) has always been a challenge for IT administrators. To back up AD, you typically back up the whole domain controller (DC); but although backing up a DC might be simple, understanding when to use which recovery option can be difficult. The good news is that most of what you’ve already learned about AD backup and recovery still holds true for Windows Server 2008.
As with earlier versions of Windows, you can still back up AD by doing a full system backup or a system-state backup of any DC of an AD domain, and you still have to boot the DC in Directory Services Restore Mode (DSRM) and recover its system state to recover AD. You also still have to use the native Ntdsutil tool to perform an authoritative restore of objects should you need to recover an AD object that’s been deleted. Therefore, you don’t need to throw all your existing procedures overboard when you roll out your first Server 2008 DCs.
However, there are changes in the tools (and potentially in the media) you use for DC backup and recovery. You won’t find the well-known ntbackup.exe, the native backup tool in previous Windows versions, on Server 2008. Instead, you use Windows Server Backup, the new native backup solution, which is available as an installation option in all versions of Server 2008, including Server Core.
Server 2008 also gives you some powerful new options to protect AD data from being accidentally deleted and new ways to recover attribute data for AD. Here I describe these changes, focusing on how the underlying backup mechanisms have changed with Windows Server Backup and how you can use the new snapshot capabilities in Server 2008 for AD. The snapshot feature is worth spending some time with if you want to have faster and complete online recovery of objects without needing to reboot your DC. In an upcoming article, I’ll discuss how to prepare for an efficient online recovery of deleted objects, leveraging tombstone reanimation and Microsoft Volume Shadow Copy Service (VSS) snapshots of an AD database. But first things first—let’s look at how to use Windows Server Backup for AD backup and recovery.
Introducing Windows Server Backup
Don’t think of Windows Server Backup as an update to Ntbackup, because it isn’t. In fact, Windows Server Backup is completely new and has little in common with Ntbackup. For starters, it has an entirely different UI, as you can see in Figure 1. However, the difference between the old and new utilities becomes even more apparent once you realize that Windows Server Backup is designed to do only disk-to-disk backup and to use VSS. Here’s a rundown of the most important differences between Windows Server Backup and Ntbackup.
• Windows Server Backup uses VSS to create block-level backups from source volumes and to allow efficient creation of incremental backups. The backup files the utility creates on the target volume are actually Microsoft Virtual Hard Disk (VHD) files—the same format used for Microsoft’s OS virtualization solutions. If necessary, you can mount the virtual backup disks to a virtual server for direct access or to a physical server (using the Vhdmount tool that comes with Virtual Server 2005). However, Windows Server Backup’s backup function using a VHD file differs from a physical-to-virtual migration tool in that it doesn’t prepare the VHD to be bootable on a virtual machine. Physical-to-virtual migration tools convert physical instances of servers to virtual machines, replacing important hardware-level drivers with corresponding drivers that are required for the server to run as a virtual machine. Windows Server Backup doesn’t do this conversion.
• Windows Server Backup can back up and restore only NTFS volumes. (On IA64 systems the utility also supports the Extensible Firmware Interface system partition.) Both Master Boot Record and GUID Partition Table partition types are supported.
• Windows Server Backup always backs up whole volumes—you can’t back up individual files or folders, although you can specify particular files or folders to restore. The exception is a system-state backup, which includes all necessary system files but doesn’t back up the entire volume.
• Although Server 2008 still provides the APIs for tape access and media changers, Windows Server Backup can’t back up to a tape drive. Rather, it backs up only to an internal or externally attached disk—and only to basic disks, not to dynamic or Encrypting File System–encrypted disks.
• Other supported backup targets for Windows Server Backup are network shares and DVD media. However, because the system can’t perform a Volume Shadow Copy Service snapshot to a network share or a DVD, these two target types don’t let you store multiple backup versions on the same target. Additionally, a system-state backup can’t be performed directly to a network share; it needs to use a local volume.
• Windows Server Backup’s UI doesn’t support a system-state backup; however, all backup commands are available through the wbadmin.exe command-line tool.
• With the exception of a system-state backup, Windows Server Backup can’t store a backup on the same volume as the one that’s being backed up.
• Windows Server Backup is designed to allow very easy full-system recovery, so there’s no need to install a new server OS before you can recover from a backup. Windows Server Backup can quickly recover a server from bare metal.
So what do the changes in the native backup tool mean for backup and recovery of Server 2008 AD DCs? There’s no need to back up every DC in your forest—you can always recover a DC by re-promoting it and replicating the data from another DC. For backup redundancy, however, you should back up at least two writeable DCs per domain in your forest. Although backup and recovery of read-only domain controllers (RODCs) is generally supported, you can’t authoritatively restore objects backed up from an RODC because RODCs don’t replicate changes to other DCs.
Windows Server Backup requires you to provide a separate target volume for the backup data. This requirement might pose a challenge for single-volume server configurations, but if you have the space to partition your DCs, you can create a volume dedicated solely to backup data. If that isn’t possible, you can still perform a backup to a network share. And if your system volumes contain a lot of other data that you don’t care to back up over the network (or to a different drive), you can perform a system-state backup—even on the same volume as the source data—to ensure recoverability of the DC’s AD database. For instructions on how to store a system-state backup of a Server 2008 DC on the source volume, see the sidebar “Storing a DC System-State Backup on the Source Volume.”
Realize that in contrast to a full system recovery, a system-state recovery doesn’t perform a block-level restore and thus doesn’t erase the target volume before the restore. A system-state recovery is file-based, recovering all Windows system files and registry settings to the state they were in at backup. A system-state recovery doesn’t restore applications that were installed on the server and doesn’t recover local user profiles.
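The following PowerShell script is an added example, not code from the article or from Microsoft, showing the wbadmin.exe procedure the article describes: a system-state backup of a DC to a dedicated volume, a listing of the backup versions that are now recoverable, and (as comments, because they must be run only after booting into DSRM) the system-state recovery and Ntdsutil authoritative restore commands. It assumes the Windows Server Backup feature is already installed, that the script runs elevated on the DC, that wbadmin prints its English output (the `Version identifier:` line is what it parses), and that `E:` is a dedicated basic NTFS volume. The drive letter, the log path and the object DN are placeholders, and `Test-BackupTargetVolume`, `Start-DcSystemStateBackup` and `Get-DcBackupVersions` are hypothetical helper names chosen for this example.

```powershell
# Added example (not from the article): system-state backup of a Server 2008 DC
# with wbadmin.exe, plus the commands for a DSRM recovery.
# Assumptions: Windows Server Backup is installed, the script runs elevated on
# the DC, and E: is a dedicated basic NTFS volume (placeholder drive letter).

param(
    [string]$BackupTarget = 'E:'
)

# Hypothetical helper: refuse to run unless the target is an NTFS volume, since
# Windows Server Backup writes only to NTFS (one of the differences listed above).
function Test-BackupTargetVolume {
    param([string]$DriveLetter)
    $disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='$DriveLetter'"
    if ($null -eq $disk) { throw "Volume $DriveLetter not found" }
    if ($disk.FileSystem -ne 'NTFS') {
        throw "$DriveLetter is $($disk.FileSystem), not NTFS"
    }
    return $true
}

# Hypothetical helper: run the system-state backup and fail loudly if wbadmin does.
function Start-DcSystemStateBackup {
    param([string]$Target)
    Test-BackupTargetVolume -DriveLetter $Target | Out-Null
    # -quiet suppresses the interactive confirmation so the job can be scheduled.
    & wbadmin.exe start systemstatebackup "-backupTarget:$Target" -quiet
    if ($LASTEXITCODE -ne 0) { throw "wbadmin failed with exit code $LASTEXITCODE" }
}

# Hypothetical helper: return the version identifiers stored on the target.
# wbadmin prints one "Version identifier: MM/DD/YYYY-HH:MM" line per backup;
# that identifier is what systemstaterecovery expects (assumes English output).
function Get-DcBackupVersions {
    param([string]$Target)
    & wbadmin.exe get versions "-backupTarget:$Target" | ForEach-Object {
        if ($_ -match '^Version identifier:\s+(\S+)') { $Matches[1] }
    }
}

Start-DcSystemStateBackup -Target $BackupTarget
$versions = @(Get-DcBackupVersions -Target $BackupTarget)
"System-state backups available on ${BackupTarget}: $($versions -join ', ')"

# --- Recovery: run these only after booting the DC into DSRM -----------------
# 1. Non-authoritative system-state restore from the newest version; AD
#    replication then brings the DC up to date from its partners.
#    wbadmin start systemstaterecovery "-version:$($versions[-1])" "-backupTarget:$BackupTarget" -quiet
#
# 2. If a deleted object must come back, mark it authoritative with Ntdsutil
#    before rebooting normally (the DN is a placeholder):
#    ntdsutil "activate instance ntds" "authoritative restore" "restore object cn=Jane Doe,ou=Staff,dc=example,dc=com" quit quit
```

Because the backup is written as a whole-volume VHD set on the target, the check in `Test-BackupTargetVolume` is deliberately conservative: failing before wbadmin starts is cheaper than discovering an unsupported target during a recovery window. Keep at least two writeable DCs per domain on this schedule, as the article recommends, and remember that a version list taken from an RODC backup cannot be used for an authoritative restore.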