previous version of active directory

Scott Gao 291 Reputation points
2022-06-12T11:54:46.163+00:00

Hello friends

Me again. Last time I said I need to have way to go back previous version of AD. And I know backup is the only way.
After many days, I made many research. I understand authoritative restore and non-authoritative restore.

Most video in youtube teach me do not select "performance an authoritative restore of active directory file.". After restore complete, use below way to restore.
ntdsutil -> active instance ntds -> authoritative restore -> restore object or subtree.
I had try this way restore ou or users, it work, But not enough. I would like to restore schema.
Some other Q&A said 1. ntdsutil not support resotre whole database, this function had been removed. 2. ntdsutil not support restore schema.
If this is true, why I don't use AD recycle bin instead of use this dumb way?
Q1. I try to select " "performance an authoritative restore of active directory file.", and direct reboot after recover backup complete. I suppose whole AD will go back, but in fact nothing happen, nothing restored. What's wrong on my step? how does this option use?
Q2. is there a way to whole AD go back to previous version?
Thanks for your time and help

210504-image.png

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,808 questions
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2022-06-14T15:25:45.903+00:00

    Ok, this is not an authoritative restore. Read on here about active directory backup / restore methods.
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc778772(v=ws.10)?redirectedfrom=MSDN

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Anonymous
    2022-06-12T12:39:24.717+00:00

    The difference between an authoritative or non-authoritative restore is simply the source and or destinations for repair of sysvol (broken replication).

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  2. Anonymous
    2022-06-14T02:41:03.327+00:00
    1. An authoritative restore will push the designated source sysvol to other domain controllers
    2. Not sure what you're asking, may mean doing a bare metal restore, but this isn't recommended when there are multiple domain controllers unless all is lost.

    --please don't forget to upvote and Accept as answer if the reply is helpful--


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.