How to restore a domain controller

A story about how a SystemState backup made by NTBackup turned out to be of little help when restoring a DC.

I'll start from the beginning.
I took the position of administrator. Before that I had worked as a developer, but the administrator job paid significantly more, so I decided to change fields for the time being.

There were 4 servers under my responsibility:
dc - domain controller
fs - file + print server
av - server with antivirus + local chat
db - database server

A month later, 2 new servers arrived: one went to a separate special project outside my area, and one was for infrastructure needs, i.e. for me.
I had worked with Hyper-V before, so I decided not to bother and deployed it rather than VMware, even though I tried that too.
I brought up another domain controller, dc2, plus WSUS, a new fs, a print server, etc.
The old servers were written off: av and db were moved to Hyper-V using Acronis True Image Universal Restore, and the old fs was simply removed.
So we had: dc1 (the old physical dc), and under Hyper-V dc2, the new fs, etc., everything needed for day-to-day operation.

A year and a half later a lot of equipment arrived, and we decided to hand the existing Hyper-V server over to other tasks and deploy a cluster of two Hyper-V servers. Little by little we moved the servers from the old Hyper-V to the cluster. For the time being we decided not to touch the domain controllers.

The dc1 server began to act up and we decided we should get rid of it. We made a copy using disk2vhd, and there was a fresh SystemState, made daily with NTBackup.
We decided to start with the dc1 vhd file. We created a virtual machine with this vhd; at startup we got a BSOD. With the help of Acronis True Image Universal Restore we got the server to boot, but AD complained that something was wrong with it and AD did not actually work. On the internet we found that this cannot be done with a DC: taking images of partitions.

I got busy with work and was a bit distracted. dc2 served as the DC.

A colleague decided to move the dc2 server from the old Hyper-V to the cluster. He just copied the vhd file, created a new virtual machine with this file and started the server. The OS booted, but the network card turned out to be a new one and AD would not work.
By accident, he also deleted the xml virtual machine description file on the old Hyper-V. Now dc2 on the old Hyper-V server complained the same way.

We decided to restore dc1 from SystemState on the Hyper-V cluster, since the physical dc1 server does not support booting from CD, and the OS itself had already stopped loading. I installed the same Windows Server 2003 and restored SystemState, but after the reboot: BSOD *** Stop: 0x0000007B .
On technet we found how we could try to revive dc2.

Create a new virtual machine, attach the dc2 vhd file to it, and boot into it. In it, add the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES with a value of 1. Then show hidden devices in Device Manager, find the old network card, and save the device's GUID. Detach the vhd file from the created virtual machine and export it (without the vhd file it goes faster :)). In the exported xml file, replace the network card's GUID with the saved one. Then import the virtual machine and attach the untouched vhd file from dc2.
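As an added illustration of the "find the old network card and save its GUID" step (not code from the original post), this PowerShell fragment, run inside the guest with administrative rights, walks the PnP device tree in the registry, which still holds the "ghost" adapters Device Manager only shows with DEVMGR_SHOW_NONPRESENT_DEVICES=1, and lists every network adapter with its device instance path, its TCP/IP binding GUID and the static IP bound to it. It assumes PowerShell is available in the guest and that Win32_PnPEntity reports only currently present devices.

```powershell
# Added example (not the post's own code). Run inside the guest with admin rights.
# The registry Enum tree keeps non-present ("ghost") devices, so every NIC the OS has
# ever had, including the one AD's address is still bound to, can be listed from here.

$netClassGuid = '{4D36E972-E325-11CE-BFC1-08002BE10318}'   # network adapter device class
$enumRoot     = 'HKLM:\SYSTEM\CurrentControlSet\Enum'
$classRoot    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Class'
$tcpipIfRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

# Instance IDs PnP currently has present (assumption: Win32_PnPEntity omits ghost devices).
$presentIds = Get-WmiObject Win32_PnPEntity | ForEach-Object { $_.DeviceID.ToUpper() }

# Enum\<bus>\<device>\<instance>: device instances sit three levels below the root.
Get-ChildItem $enumRoot -ErrorAction SilentlyContinue |
  Get-ChildItem -ErrorAction SilentlyContinue |
  Get-ChildItem -ErrorAction SilentlyContinue |
  ForEach-Object {
    $inst = Get-ItemProperty $_.PSPath -ErrorAction SilentlyContinue
    # Only devices whose driver key lives under the network adapter class are NICs.
    if (-not $inst.Driver -or $inst.Driver -notlike "$netClassGuid\*") { return }
    $drv = Get-ItemProperty (Join-Path $classRoot $inst.Driver) -ErrorAction SilentlyContinue
    if (-not $drv.NetCfgInstanceId) { return }
    # Instance path as Device Manager shows it, e.g. VMBUS\{class}\{instance} for a Hyper-V NIC.
    $instanceId = $_.Name -replace '^HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Enum\\', ''
    # TCP/IP keeps per-adapter settings under the NetCfgInstanceId GUID.
    $ip = Get-ItemProperty (Join-Path $tcpipIfRoot $drv.NetCfgInstanceId) -ErrorAction SilentlyContinue
    New-Object PSObject -Property @{
        Present     = ($presentIds -contains $instanceId.ToUpper())   # $false = ghost adapter
        Description = $drv.DriverDesc
        InstanceId  = $instanceId
        NetCfgGuid  = $drv.NetCfgInstanceId
        StaticIp    = ($ip.IPAddress -join ',')
        Dhcp        = $ip.EnableDHCP
    }
  } |
  Select-Object Present, Description, InstanceId, NetCfgGuid, StaticIp, Dhcp |
  Sort-Object Present, Description |
  Format-Table -AutoSize
```

The rows with Present = False and a non-empty StaticIp are the ghost adapters worth checking against the exported VM xml; the GUID itself still has to be carried into that file by hand, as the post describes.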

We boot into Directory Services Restore Mode (you need the administrator's password; we reset it, because the account was locked, etc.) and add the registry parameters described here: technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv(WS.10).aspx .
The system boots, but on startup the AD snap-ins report problems with the Workstation service. The server is in a state where it is neither a member server nor a domain controller. Digging through technet, we found a discussion of a similar problem in one thread. The answers marked as correct all said that ntbackup should have been used, etc. (yes, that ntbackup helped), but at the very bottom was a post where someone advised: remove Client for Microsoft Networks in the network card's TCP/IP properties, and then install it again immediately.

And it helped: the AD snap-ins began to open without problems. We seized the roles.
On the advice of my brother, also an admin, I decided to bring up dc3 on the cluster to check whether everything would replicate normally. Everything was fine, and then, following the method described here www.petri.co.il/delete_failed_dcs_from_ad.htm , I cleaned up the references to dc1.
After that, a new dc1 was brought up on the cluster with the old IP, and the roles were transferred to it, because the local infrastructure needed it that way.

Conclusion

1 - From the very beginning, another additional dc should have been deployed, dc1 demoted, and then re-created.
2 - Do not delete anything ahead of time: it was enough to shut down dc2 on the old Hyper-V and use the virtual machine export.
3 - Consult and discuss actions before starting work.

PS

Perhaps there are suggestions and wishes on what could have been done better, more efficiently or faster.

Source: https://habr.com/ru/post/126663/