Saturday 13 October 2018

Mount Active Directory Database from SystemStateBackup


AD Database Mount: 

            Being Active Directory Admin, we often receive request to clean up AD Objects (Users, Groups, and Computer etc), once it has been cleaned, a few scenario we may have to refer the deleted objects SID, Group Members or Security Related information. 

            Restoring AD Objects now days quiet easy by using various tools, however few circumstances management does not allow us to restore it. Hence I had searched the alternate way to refer the deleted objects to document object attributes.

MS provided simple solution to mount AD Database from Backup and refer the objects from Mounted database version.



Lets Jump into the Lab to see how it works.
  
I have created Test.Local Domain and Created Two User and One Group. The Users are Member of Group1.



One of the Key factors, the administrators always has to remember. Taking Active Directory backup regular basis. 

Once the above Users and Groups are created, I have taken System State Backup for my AD and I deleted Group1 Object.



Now we are looking for a solution to refer the deleted object and the group member info. In order to view the previous state of AD Objects, I just Restored System State Backup from Alternate Location.
 

Note: Starting in Windows Server 2008, the Active Directory management tools include dsamain.exe, which allows you to mount a volume shadow copy snapshot or backup of ntds.dit, and explore it using standard admin tools, like Active Directory Users and Computers (ADUC) and the PowerShell AD cmdlets.

Now we are going to Mount Database by using DSAMAIN.EXE tools.




Once your database has been mounted, you will be notified “Microsoft Active Directory Domain Service Startup Complete” do not close the CMD.

Let us use the copy of the directory service by using Native ADUC MMC.

We have successfully mounted database and we are able to see the deleted objects from Snapshot Copy. The MMC is read only; hence you will not be able to modify the objects.

If we want to take review the objects by using powershell, we have to pass the Server Name: LDAPPORT
Now time to close the Backup Console, just simply Press CTRL + C your Command Prompt.




 

                                                 ****** Happy Learning******




Posted by at

3 comments:

  1. cionsystems4 February 2020 at 02:12

    Thanks for sharing Active Directory Recovery Tool tips. for more info i rfer cion systems Active Directory Recovery Tool in USA.

    ReplyDelete
  2. Anonymous8 October 2022 at 20:19

    thanks

    ReplyDelete
  3. Anonymous14 June 2023 at 12:51

    Very nice! Thanks for sharing

    ReplyDelete

Subscribe to: Post Comments (Atom)