Back Up Active Directory in Windows

Active Directory is a network structure that stores domain and network information about all computers and devices as well as user and device software settings. It resides on each domain controller in an organization and replicates itself between the domain controllers. Backing up Active Directory is important, since a crash of a domain controller causes all network information to be lost. Backup involves backing up the system state, which is all the system components that rely on each other. They have to be backed up and restored together for accurate results. There are different ways to back up Active Directory using Microsoft tools. Which one to use depends on the Windows operating system that is running on the domain controller.

Steps

How to Backup Active Directory on Windows 2000 and 2003 Servers

1. Understand what constitutes a good backup to properly plan a backup schedule. At least two domain controllers should be backed up in each domain, including one that is an operations master role holder. The backup should contain the system state and the contents of the system disk. Backups should be less than 60 days old.
2. Log on to the Domain Controller locally as an administrator or a backup operator.
3. Left-click on the start button. Navigate to Programs, Accessories, System Tools. Select "Backup." Click on the backup wizard button and choose "next."
4. Choose "back up selected files, drives, or network data."
5. Select "System State" on the screen that asks what items to back up.
6. Click the plus sign next to the drive letter that contains the system files to expand the selection. Select "system disk." Click "next."
7. Specify a folder or tape device to backup to in the "Where to Store the Backup" choice.
8. Name the file if using file backup, or select the tape to be used if using a tape in the "Backup Media or File Name" box.
9. Make sure the selection "Prompt to replace data" is included under the "How" category. If necessary, select the Advanced button and follow the prompts until reaching the Media Options screen. Choose "Replace the data on the media with this backup."
10. Follow the prompts to the "finish" screen. Choose "yes" to overwrite data.

How to Backup Active Directory on Windows 2008 Servers

1. Open Server Manager. Choose "add features" and install Windows Server Backup if it is not already installed.
2. Click start, run and command to get to a command line. Type "wbadmin start systemstatebackup."
3. Add the parameter "-allcritical" to back up all critical volumes instead of just system state data. This will back up the whole volume.
4. Use the command line tool to create scheduled backups. Scheduled backups must be backed up to a local physical dedicated drive.

Tips

• An alternative is to use a third-party backup utility that supports Active Directory backup.

Warnings

• A backup must be performed on every domain controller. The backup only backs up local active directory settings, not the whole enterprise.

Related Articles

• Install Active Directory on Windows 2000 Server from Scratch
• Build ISC BIND DNS in Windows
• Access Active Directory in Windows Server 2008

Sources and Citations

• http://technet.microsoft.com/en-us/library/bb727062.aspx#E0PE0AA
• http://technet.microsoft.com/en-us/library/cc754472%28WS.10%29.aspx