Link: http://www.xitongzhijia.net/xtjc/20121017/17511.html
As an enterprise network administrator, you will inevitably run into problems during routine maintenance of Active Directory (AD). How do you deal with such an accident? To avoid losses in the production environment, the administrator should be able to restore lost user data right away. This tutorial explains the methods for restoring that data:
Method 1 (non-authoritative restore): Use the ntbackup tool to restore all user accounts and OUs from a System State backup taken in advance.
Method 2 (authoritative restore): Use the ntbackup tool to restore the deleted user account from a System State backup taken in advance, and then use ntdsutil to perform an authoritative restore.
The ntdsutil syntax is as follows, where <ObjectDN> stands for the distinguished name of the object to restore (refer to the Microsoft Knowledge Base):
ntdsutil "authoritative restore" "restore object <ObjectDN>" q
For example, to perform an authoritative restore of the user johndoe that has been deleted from the Mayberry OU in the contoso.com domain, run the following command:
ntdsutil "authoritative restore" "restore object cn=johndoe,ou=Mayberry,dc=contoso,dc=com" q
To restore the security group contosoprintaccess that has been deleted from the Mayberry OU in the contoso.com domain, run the following command:
ntdsutil "authoritative restore" "restore object cn=contosoprintaccess,ou=Mayberry,dc=contoso,dc=com" q
Method 3 (restore with a third-party tool when no System State backup exists):
Use the adrestore.exe tool:
Step 1: Download the adrestore tool.
Step 2: At the command prompt on the DC, enter "adrestore <first letter of the user name>" to view the data of the lost user.
Step 3: Still on the DC, enter "adrestore -r <first letter of the user name>" to restore the user.
* Note * The restored user is disabled. Before it can be used normally, you need to reset the password, fix the login name, and re-enable the account. We recommend that you back up the System State and use the official authoritative restore method.
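The note above can be turned into a check that runs after adrestore -r. The following PowerShell is an added example, not part of the original tutorial: the function name Test-RestoredAccount and the account janedoe are hypothetical, the sample objects are constructed, and the group-membership check is an assumption that goes beyond what the note lists.

```powershell
# Added example: report what still has to be fixed on accounts restored with adrestore -r.
# Input objects need the properties Get-ADUser returns:
#   SamAccountName, Enabled, UserPrincipalName, pwdLastSet, MemberOf
function Test-RestoredAccount {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Account
    )
    process {
        $todo = @()
        if (-not $Account.Enabled) {
            $todo += 'account is disabled: enable it once the password is reset'
        }
        if ([string]::IsNullOrWhiteSpace($Account.UserPrincipalName)) {
            $todo += 'login name (UPN) is empty: set it again'
        }
        if (-not $Account.pwdLastSet) {            # 0 or missing
            $todo += 'no usable password: reset it'
        }
        # Filter out $null first, because @($null).Count would be 1.
        $groups = @($Account.MemberOf | Where-Object { $_ })
        if ($groups.Count -eq 0) {                 # assumption: the user had groups before deletion
            $todo += 'no group memberships: re-add them from your records'
        }
        [pscustomobject]@{
            SamAccountName = $Account.SamAccountName
            Ready          = ($todo.Count -eq 0)
            Todo           = $todo -join '; '
        }
    }
}

# Constructed sample input: one freshly restored account, one already repaired.
$sample = @(
    [pscustomobject]@{ SamAccountName = 'johndoe'; Enabled = $false
        UserPrincipalName = $null; pwdLastSet = 0; MemberOf = @() }
    [pscustomobject]@{ SamAccountName = 'janedoe'; Enabled = $true
        UserPrincipalName = 'janedoe@contoso.com'; pwdLastSet = 133000000000000000
        MemberOf = @('CN=contosoprintaccess,OU=Mayberry,DC=contoso,DC=com') }
)
$sample | Test-RestoredAccount | Format-List

# Against a live domain (requires the ActiveDirectory module):
# Get-ADUser -SearchBase 'OU=Mayberry,DC=contoso,DC=com' -Filter * `
#     -Properties UserPrincipalName, pwdLastSet, MemberOf | Test-RestoredAccount
```

The function only reports. Resetting the password, fixing the login name and enabling the account remain deliberate manual steps.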
An additional method, for resetting the administrator password used in recovery mode (Directory Services Restore Mode, DSRM):
Log on to the DC as administrator and open a command prompt.
Step 1: ntdsutil
Step 2: set dsrm password
Step 3: reset password on server <server name>
In enterprises that use a domain environment for IT management, the data in Active Directory is crucial. Therefore, whether or not you are an enterprise network administrator, it is worth studying the data restoration methods in this tutorial.