Backup and standard restore of ad: in-Depth Active Directory series (iv)

You've often heard of backup and restore of databases, such as SQL Server, Oracel, and so on. OK, this section discusses backup and restore of Active Directory databases.

Backup of Active Directory databases is a very important work in an enterprise application environment, whether it is a single domain, single domain, multi-domain control, or multi-domain multi-domain environment, the backup of Active Directory database is often done. The benefits of backup are as follows:

1, disaster recovery. For a single domain, single domain controlled enterprise environment, if Active Directory is sick, such as misoperation, disk, and so on, it is easy to recover if we back up the Active Directory database. Of course, for a single domain multi-domain control environment and multi-domain multi-domain control environment is the same truth, the process is relatively cumbersome.

2, transfer the data. If we are going to build an extra domain controller in the current domain, whether this new additional domain controller is in a geographic location with the primary domain controller or in a different geographic location. It is a very time-sensitive method to transfer data through backup.

This section of the experimental environment, as shown in the following figure

First, pre-backup preparation

Understand the working process of Active Directory

When we interact with the Active Directory, such as adding, updating, deleting, and removing objects in the Active Directory, the business logic is actually based on the transaction mechanism. transactions, which we know to follow the acid principle, do not exist without the acid principle. Transactions are visible everywhere in relational databases, and are of course common in enterprise applications. A series of operations in a transaction are either successful or not done.

When the data in the Active Directory is modified, the following procedure is followed:

The steps are as follows:

1, we submit a write request to the Active Directory

2,ad Initializes a transaction based on a write request

3, and then the ad caches the transaction in memory,

4, while AD writes the transaction operation to the transaction log file Edb.log

5, then ad writes the transaction result to the database file on disk Ntds.dit

6, then the ad compares the database files and log files to ensure that the transaction is committed

7, the last AD update checkpoint file Edb.chk

Understanding the role of Active Directory database files