Ask the Expert

What's the correct recovery procedure for a multi-domain, multi-DC forest?

What's the correct recovery procedure for a multi-domain, multi-DC forest where *every* domain controller has been trashed (e.g. disaster created by deliberate and malicious internal action)? (Assume backup tapes held off site exist, of course.)

    Requires Free Membership to View

First go down to the local pub and have a pint -- think deeply about why you got into this business, and then get to work.

The work would proceed from an authoritative restore for the root domain in the tree hierarchy. Once complete and replicated to the other DCs and Global Catalog Servers, you could then perform restores on other server in the downlevel domains. You might also consider simply rebuilding some of the servers -- it depends how maliciously trashed they were. If it were really bad, you might consider performing restores on the FSMO holders in the domains only. Then rebuild from scratch the other supporting DCs -- but that could be a lot of work if you have many domains and DCs.

Editor's Note: For more information on Active Directory backup and recovery, check out our Active Directory Administration and Maintenance Best Web Links.

This was first published in March 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: