Search This Blog

Wednesday, February 3, 2016

Restore Active Directory Objects and Container Using Veeam Backup and Replication v9

The most common way to backup Active Directory is backup system state by using Windows Backup [build in on operating services], System Center Data Protection Manager or other 3rd party backup solution that you can think of.

Backup is easy! However, what happen when disaster occur which require you to restore Active Directory database?

Well, normal IT System Administrator,will just perform recovery of Active Directory database by performing non-authoritative restore or authoritative restore. Refer to https://msdn.microsoft.com/en-us/library/bb727048.aspx

Next, do you really want to restore entire Active Directory database and how easy to recover just a ...
  • Active directory object or container (users, groups, computers, OU, mail enabled user & group
  • Group Policy Object (GPO) [ New in v9 ]
  • AD integrated DNS records [New in v9 ]
  • Password
  • Configuration Partition Object [New in v9 ]

To perform above recovery, you will use
  • Windows Backup - backup Active Directory database
  • GPMC - backup group policy object
  • dnscmd - backup AD Integrated DNS records
Wow! Not easy with so many tools to use. Why not look into the below solution that we are going to talk about?


To make your life easy, you can use Veeam Backup and Replication v9 to backup entire Domain Controller Virtual Machine, perform restore an objects and container with Veeam Explorer for Active Directory.

Veeam Explorer for Microsoft Active Directory is a free tool installed with Veeam Backup and Replication (VBR). Active Directory database will be extracted by VBR from the backup or replica file. For Veeam Explorer to work, you need to use credential that has permission to access Active Directory domain.

Veeam Explorer for AD work on AD 2003, 2008, 2008 R2, 2012 and 2012 R2 VM backup.













Let have a quick look on what we can recover by using Veeam solution.

[Restore Object]
You can recover user account, group, password, mailbox enabled account,etc

Note: You can view attributes and make comparison on value on the backup and production value.

Besides, you can define new password and other setting on object before recover.

  
[ Restore Container]
Entire Organizational Unit (OU) restore with deleted user account/group.


[Restore Group Policy Object]

Restore deleted group policy object.


Note:- Must has Enterprise or Enterprise Plus license to restore this item

[Restore AD integrated DNS record]
Restore a DNS record or DNS zones


Note:- After restoration, you must restart DNS Server service in order to see the changes.

[Restore Configuration Partition Object]



Note:- Must has Enterprise or Enterprise Plus license to restore this item

That's all for today. We have talked about using Veeam Explorer for Active Directory to recover an objects and container. Please feel free to check out Veeam Availability Suite:- https://www.veeam.com/data-center-availability-suite.html