SUMMARY
This article discusses
how to use system state backups to restore information that the Microsoft
Windows 2000 File Replication Service (FRS) requires. back to the
top
When to Use System State Restore With FRS
The reason that system state restores that use Ntbackup.exe are
rarely used to recover FRS content is because the data that FRS replicates is
typically located in the target folder, which is the pre-existing folder on a
member of the replica set.
Perform system state restores with FRS
only in either of the following scenarios:
- Object Recovery: To recover deleted FRS objects in the directory service,
including FRS member, subscriber and connection objects that defined the
replica set. This scenario typically occurs when objects are unintentionally
deleted from the Active Directory directory service by using the Active
Directory User and Computer administrative tool or Ldp.exe. In some cases, the
deleted objects prevent FRS from successfully replicating the SYSVOL replica
set. This prevents the propagation of changes to Group Policy objects. In this
case, a system state restoration in the best method to resolve this issue.
For additional information about Ldp.exe,
click the following article number to view the article in the Microsoft
Knowledge Base:
244344
Deleting objects from Active Directory using Ldp.exe
- File Recovery: The files for the replica set no longer exist on any FRS
replication member. This scenario typically occurs when administrators
accidentally delete the Policies folder on one replica when they try to rebuild
a policy. FRS replicates the deletion of the Policies folder to all other
domain controllers in the domain until all the Policies folders are
deleted.
Because system state backups include copies of the Active
Directory database and the contents of SYSVOL, you can use them to recover from
both these scenarios.back
to the top
Object Recovery with System State Restoration
FRS replication is prevented because there are missing objects in
the Active Directory. Recovery from a system state backup permits you to return
to typical FRS operation. To do so:
- Perform a system state restoration on a domain controller.
For additional information about how to perform a system state
restore, click the following article number to view the article in the
Microsoft Knowledge Base:
240363
How to use the Backup program to back up and restore the system state in Windows 2000
- Configure the files in the DFS root on that domain
controller such that they are authoritative for the restored information. When
you replicate for the first time, the files and folders on the first server,
also known as the initial master server, become authoritative. This means that those files and folders
are duplicated to other additional domain controllers for the first replication
cycle before multimaster replication takes effect. By marking the restored
files as authoritative, they will be used as the source for replication until
multimaster replication begins.
- re-create any member objects for computers that were added
to the domain since you created the system state backup. You may want to use a
script to help you.
File Recovery with System State Restoration
If FRS replication is affected because of a deletion
that FRS replicated, recovery from a system state backup permits you to return
to typical FRS operation.
Note: If a domain controller has not yet completed replication, you
can recover the deleted files by moving the files out of the replica tree, then
moving them back into the replica tree on the domain controller that has not
yet completed replication. The files receive new file version numbers, which
causes them to replicate back to the other replication members.
To
recover deleted files by using system state restoration, follow these steps:
- Perform a system state restoration on a domain
controller.
For additional
information about how to perform a system state restoration, click the
following article number to view the article in the Microsoft Knowledge Base: 240363
How to use the Backup program to back up and restore the system state in Windows 2000
- During the restoration, restore the files to a different
location. To do so, in the Restore Files to box, click to
select the Alternate location check box, and then select a
temporary folder.
- When the restore is complete, copy the files from the
temporary folder to the appropriate FRS folder for replication. If these are
policy files, copy them to the Policies folder in the SYSVOL tree.
Note The object's original permissions will be added to inheritable
permissions in the new location. To add an object's original permissions to
inheritable permissions when you copy or move an object, use the Xcopy.exe
utility with the -O and -X switches. To preserve existing permissions without
adding inheritable permissions from the parent folder, use the Robocopy.exe
utility. This utility is available in the Windows 2000 Resource Kit. - Synchronize the Group Policy objects in the directory
service to those that are now stored on the file system, including the Gpt.ini,
which contains the Group Policy Template version numbers.
Note: It is not a good idea to perform an authoritative restore by
using the
BurFlags
registry key. This reverts objects in the directory service and registry values
to an earlier state, so the authoritative restore may have a greater effect
than you want.
back
to the top
Preventative Planning
Appropriate planning that includes regular system state backups is
very valuable for preventing data loss. Include the following steps in your
preventative maintenance planning:
- Perform regular system state backups. Update these backups
before and after you make changes to the directory service such as the addition
and removal of domain controllers in the domain, and the addition, deletion or
modification of policies.
- Maintain an off-site additional domain controller that is
configured with an infrequent replication schedule (also known as a lazy replication schedule). A lazy replication schedule replicates every three to four
days. This permits you to retrieve objects and mark them as authoritative if
there is an accidental deletion.
back to
the top