Project:Amanda Enterprise 3.1 > Zmanda Windows Client Users Manual > Authoritative Active Directory Restores

Authoritative Active Directory Restores

Authoritative Active Directory (AD) restores are necessary when you wish to restore not just the target machine, but all other machines in the domain with AD. The authoritative restore process returns a designated object or container of objects to its state at the time of the AD backup. For example, an authoritative restore might be required if you accidentally delete an organizational unit (OU) containing a large number of users. The default nonauthoritative restore will not recover deleted OU because the restored domain controller will match the current status of its replication partners after the recovery, and the partners will have OUs deleted. When you mark the AD restore as Authoritative, the AD replication process will propagate the recovered OUs to other Domain Controllers in the domain.

Steps for Zmanda Windows Client Authoritative AD Restores

  1. Make sure that the correct version, platform, and patch level of Windows is installed, as well as Active Directory.
  2. If restoring to the same machine from which the backup was taken, boot the system in Directory Service Restore Mode. If restoring to a different machine, this step is not required.
  3. Manually start the ZWCService from the Directory Service Restore Mode or "local system" account.
  4. Use the ZMC to restore the machine using the System State backup that includes Active Directory backup.
  5. Run Microsoft's NTDSUtil as described here to make the restored Domain Controller authoritative.

Authoritative SYSVOL Restores

Making the restored AD Domain Controller authoritative as described above does not automatically propagate SYSVOL state to other controllers in the domain. Instructions on that process are available from Microsoft here.