Active Directory Domain Recovery Step by Step.

1. For restoration of  domain firstly we need to take the On Demand backup / Schedule Server backup.

2. If the backup location  is on the same machine no need to  configure any settings.

3. If the backup is on the remote shared  location then trust relationship must be there between parent domain and shared folder location domain.

4. Trust relationship should be configured. Please refer our article to configure trust relationship at the below given link.Create Trust from Remote  shared location domain.Configured the trust where the shared folder had been created.

http://blog.cionsystems.com/?p=1086

5. Once Trust is configured on remote shared folder domain then start the system state backup process from domain using CionSystems  AD Recovery Manager on Demand backup / Schedule backup.

6. Once backup is completed  go to AD Recovery Manager –>Server backup and Recovery –> AD Server backup’s history  and note down the version ID of the respective domain.

7.  After noting down the  Version ID.Go to AD Recovery Procedure tab and download Power Shell scripts .If  the DC  is 2012 and above download the power shell  script first.

8. If DC is 2008 and above then download  the second script as shown below.

9. If the domain is dead /crashed then follow the below steps  for restoration.

10. Let’s start with the restoration of DC.

11. Login to your machine in Directory Services Restore Mode.

12. If Directory Services Restore Mode is not enabled in safe mode then go to run command in normal mode and type                        msconfig and hit enter and reboot the machine.

13. Go to boot tab select  Safe boot  –>Select Active Directory Repair radio button and hit on Apply –>Click OK.

14. Click on restart button.The machine reboots in Directory Services Restore Mode.

15. Login to the machine with Local Admin account into Active Directory Services Repair mode.

16. After  login into Repair Mode  open the Script which was downloaded from the AD recovery manager.

17. Open the Power Shell script as shown below.

18. After opening the  Power shell script type “Y” and hit Enter.

19. Enter Version ID which was copied and hit on Enter key.

20. Enter the credentials User Name and Password where backup exist as below.

20. Hit Enter key.

21. Enter”Y” and hit Enter key. After hitting Enter key restoration process will start as shown below. It will display number of            files recovered.

22. It will display the recovery  % status  once restoration starts.

23. Once Recovery is completed system gets reboot after login with local admin account it goes to command prompt shown                 below.

24. Press Enter button and restart the machine in normal mode by unchecking  Active directory Repair option in system                     configuration tab.

25. Hit on apply and click on OK  it will pop up a window to restart the machine.

26. Click on Restart button.Machine will reboot in normal mode.

27. After reboot login with domain admin account.This is how the DC is restored.

Active Directory Forest Recovery step by step.

1. For restoration of forest domain firstly we need to take the On Demand backup / Schedule Server backup of parent (Main) domain and Child domains separately in different folders.

2.  If the backup location  is on the same machine no need to  configure any settings.

3. If the backup is on the remote shared  location then trust relationship must be there between parent domain and shared              folder location domain.

4. Trust relationship should be configured. Below are the steps to configure trust relationship.Create Trust from Remote  shared location domain.Configured the trust where the shared folder had been created.

5. Go to Administrative tools –> Active Directory Domains and Trusts.

6. Right click on domain and go to properties.

7. Go to Trusts –> Click on New Trust and hit on OK button.

8. Enter the fully qualified domain name  of Parent /Child domains and hit on next button.

9. Select realm trust and hit on next—> Again next.

10. In direction of trust page select Two way option and hit on next button.

11. Enter the Trust Relationship password and hit on next.

12. After successful configuration it will display the message “Trust relationship created successfully as below.

13. Click on Finish button.

14. Once Trust is configured on remote shared folder domain then start the system state backup process from parent domain and  then child domains using CionSystems  AD Recovery Manager on Demand backup / Schedule backup.

15. Once backup is completed  go to AD Recovery Manager –>Server backup and Recovery –> AD Server backup’s history  and note down the version ID of the respective domain.

16. After noting down the  Version ID.Go to AD Recovery Procedure tab and download Power Shell scripts .If  the Forest DC  is 2012 and above download the power shell  script first.

17.  If DC is 2008 and above then download  the second script as shown below.

18.  If the parent domain or child domains is dead /crashed then follow the below steps  for restoration.

19. If you need to restore complete Forest.First restore the parent domain afterwards child domains one by one.

20. If  Child domains  need  to  be restored then restore child domains only.

21. Let’s start with the restoration of forest DC.

22. Login to your machine in Directory Services Restore Mode.

23.  If Directory Services Restore Mode is not enabled in safe mode then go to run command in normal mode and type                        msconfig and hit enter and reboot the machine.

24. Go to boot tab select  Safe boot  –>Select Active Directory Repair radio button and hit on Apply –>Click OK.

25. Click on restart button.The machine reboots in Directory Services Restore Mode.

26. Login to the machine with Local Admin account into Active Directory Services Repair mode.

27.  After  login into Repair Mode  open the Script which was downloaded from the recovery manager.

28. Open the Power Shell script as shown below.

29. After opening the  Power shell script type “Y” and hit Enter.

30. Enter Version ID which was copied and hit on Enter key.

31. Enter the credentials User Name and Password where backup exist as below.

32. Hit on Enter.

33. Enter”Y” and hit Enter key. After hitting Enter key restoration process will start as shown below. It will display number of             files recovered.

34. It will display the recovery  % status  once restoration starts.

35. Once Recovery is completed system gets reboot after login with local admin account it goes to command prompt shown                 below.

36. Press Enter button and restart the machine in normal mode by unchecking  Active directory Repair option in system                       configuration tab.

37. Hit on apply and click on OK  it will pop up a window to restart the machine.

38. Click on Restart button.Machine will reboot in normal mode.

39. After reboot login with domain admin account.This is how the forest restored.

40. Need to follow the same process to restore the Child domains.

Active Directory Trust between two domains!

1. To configure trust between two domains  follow the below steps.

2. Go to  Start –> Administrative tools –> Click on Active Directory Domains and Trust.

3.  Right Click on domain and go to properties.

4. Click on Trusts.

5. Click on New Trust and hit on OK.

6. Hit on Next.

7.  Enter the Fully Qualified Domain Name (ex: domain1.contoso.com). Hit on Next.

8. Select Realm Trust. Hit on Next.

9. Select Non transitive and hit on Next.

10.  Select Two-way trust and hit on Next.

11. Enter the Trust Password and hit on Next.

12. Hit on Next.

13.  After successful configuration it will display the message “Trust relationship created successfully”. Hit on Finish.

14. After configuration check the domain name which you have entered in the trust list. This is how the trust relationship is configured.

This is how trust relation ship is configured in cross domain environment.