Win Server R2 primary domain controller disaster recovery

Source: Internet
Author: User

It has been a long time since I wrote anything. A few days ago I ran into a case where the primary domain controller had been running with no protection at all; after a virus infection it crashed outright (no words) and could not be restored. Disaster recovery had to be carried out, and today I am sharing the recovery process with you.

The whole process is not difficult, but anyone performing it must have the plan clear in mind and must operate carefully.

Outline of the steps (may not be complete; additions are welcome):

1. Thoroughly check the state of the primary domain controller SRVDC01, mainly whether it cannot start at all or has only a functional failure.

2. If the primary domain controller can still barely be logged in to, back up every useful file and application configuration that can be backed up, such as the CA certificate server configuration.

3. Make sure that SRVDC02 is a global catalog (GC) server and temporarily point its primary DNS at itself.

4. Use the ntdsutil command on the secondary domain controller SRVDC02 to seize the five FSMO roles.

5. On the secondary domain controller SRVDC02, delete all data and SRV records of the failed primary domain controller SRVDC01.

6. Keeping the IP address and machine name unchanged, reinstall SRVDC01 as a member server, join it to the domain, and promote it to a domain controller.

7. Transfer the five FSMO roles from SRVDC02 back to SRVDC01, making it the primary domain controller again.

Let's take a look at the detailed steps:

Because the background of every failure is different, my steps below cover only 3, 4 and 5 and omit 1, 2, 6 and 7 above.

1. First, open a CMD command prompt with administrator privileges on the secondary domain controller SRVDC02 and enter netdom query fsmo to see where the five roles are currently held.


2. Open AD Sites and Services on the secondary domain controller SRVDC02 and check whether SRVDC02 is a global catalog (GC) server.


3. Still on the secondary domain controller SRVDC02, open a CMD command prompt with administrator privileges and run the ntdsutil command to seize the five FSMO roles.

Note: When choosing the server to connect to at the server connections prompt, select the secondary domain controller SRVDC02 directly, because the primary domain controller SRVDC01 is offline.


4. Once the fsmo maintenance prompt appears, enter five commands, one to seize each role:

Seize the infrastructure master: seize infrastructure master
Seize the domain naming master: seize naming master
Seize the PDC: seize PDC
Seize the RID master: seize RID master
Seize the schema master: seize schema master

If you cannot remember the commands, type ? at the fsmo maintenance: prompt to list them.


5. Seize the five roles one after another.

Note: During the seizure the system displays warnings or errors. This is normal: the primary domain controller SRVDC01 is offline, so the first attempt to contact it fails, and the role is then automatically written to the connected secondary domain controller SRVDC02.


6. Use the netdom query fsmo command on SRVDC02 to confirm that it now holds the seized roles.
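Steps 1 to 6 above as one PowerShell run on SRVDC02, with two preflight checks added before the seizure. This is an added example, not part of the original article; it assumes the ActiveDirectory PowerShell module is installed and uses the article's host names.

```powershell
# Added example (not from the original article). Run in an elevated
# PowerShell session on SRVDC02. Assumes the ActiveDirectory module is present.
Import-Module ActiveDirectory

$Failed   = 'SRVDC01'   # failed primary DC (name from the article)
$Survivor = 'SRVDC02'   # DC that takes over the roles (name from the article)

# Preflight 1: seizing is only for a role holder that is really gone.
if (Test-Connection -ComputerName $Failed -Count 2 -Quiet) {
    throw "$Failed still answers ping. Check its state before seizing any role."
}

# Preflight 2 (step 2): the surviving DC must be a global catalog.
$dc = Get-ADDomainController -Identity $Survivor
if (-not $dc.IsGlobalCatalog) {
    throw "$Survivor is not a global catalog. Enable GC on it first."
}

# Steps 3-5: ntdsutil accepts its menu commands as arguments, so each role is
# one invocation: roles -> connections -> connect -> quit -> seize -> quit, quit.
# Every seizure still asks for confirmation before it proceeds.
$roles = 'infrastructure master', 'naming master', 'PDC', 'RID master', 'schema master'
foreach ($role in $roles) {
    & ntdsutil roles connections "connect to server $Survivor" quit "seize $role" quit quit
}

# Step 6: read the role holders back from the directory (same information
# that netdom query fsmo prints) and flag any role not held by the survivor.
$domain  = Get-ADDomain -Server $Survivor
$forest  = Get-ADForest -Server $Survivor
$holders = @{
    SchemaMaster         = $forest.SchemaMaster
    DomainNamingMaster   = $forest.DomainNamingMaster
    PDCEmulator          = $domain.PDCEmulator
    RIDMaster            = $domain.RIDMaster
    InfrastructureMaster = $domain.InfrastructureMaster
}
$stray = @($holders.GetEnumerator() | Where-Object { $_.Value -notlike "$Survivor.*" })
if ($stray.Count) {
    $stray | Format-Table Name, Value -AutoSize
    throw "Some FSMO roles are not held by $Survivor."
}
"All five FSMO roles are held by $Survivor."
```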


7. Remove the residual information of the failed domain controller SRVDC01.

The traditional method is to delete each entry with the command-line metadata cleanup command, but here I recommend an official Microsoft VB script, which is very useful!

Name: Remove Active Directory Domain Controller Metadata

Detailed description: https://gallery.technet.microsoft.com/ScriptCenter/d31f091f-2642-4ede-9f97-0e1cc4d577f3/

When the VB script runs, it automatically finds all domain controllers in the current domain environment; you only need to enter the name of the domain controller to be cleaned up. Here we enter the failed domain controller SRVDC01.


8. If you do not want to use the VB script from step 7, you can delete the residual information from the command line with the following steps.

First bind to the primary domain controller, then list the sites in the domain, select the site, list the domain controllers in that site, select the domain controller, and finally use remove selected server to delete the residual information.


9. Log in to the new "primary domain controller" SRVDC02 and check DNS (SRV records), Sites and Services, AD Users and Computers, and ADSI Edit to see whether the old SRVDC01 information has been deleted. If anything has not been deleted, delete it manually.
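The step 9 checks can also be scripted so that nothing is missed before SRVDC01 is rebuilt under the same name. This is an added example, not part of the original article; it assumes the ActiveDirectory PowerShell module and must be run before the replacement SRVDC01 joins the domain, otherwise it reports the new machine.

```powershell
# Added example (not from the original article). Run on SRVDC02 after the
# metadata cleanup and BEFORE the rebuilt SRVDC01 is joined to the domain.
Import-Module ActiveDirectory

$Failed   = 'SRVDC01'   # failed DC whose traces should be gone
$Survivor = 'SRVDC02'   # DC that answers the queries

$domain   = Get-ADDomain -Server $Survivor
$configNC = (Get-ADRootDSE -Server $Survivor).configurationNamingContext
$findings = @()

# Sites and Services / ADSI Edit view: server object (parent of NTDS Settings)
$findings += @(Get-ADObject -Server $Survivor -SearchBase "CN=Sites,$configNC" -LDAPFilter "(&(objectClass=server)(cn=$Failed))" |
    ForEach-Object { "Site server object: $($_.DistinguishedName)" })

# AD Users and Computers view: computer account of the failed DC
$findings += @(Get-ADComputer -Server $Survivor -LDAPFilter "(cn=$Failed)" |
    ForEach-Object { "Computer account: $($_.DistinguishedName)" })

# The directory's own list of domain controllers
$findings += @(Get-ADDomainController -Filter * -Server $Survivor |
    Where-Object { $_.Name -eq $Failed } |
    ForEach-Object { "Still listed as domain controller: $($_.HostName)" })

# DNS view: SRV records that clients use to locate a domain controller
$srvName = "_ldap._tcp.dc._msdcs.$($domain.DNSRoot)"
$findings += @(nslookup -type=SRV $srvName $Survivor 2>$null |
    Select-String -SimpleMatch $Failed |
    ForEach-Object { "DNS SRV record ($srvName): $($_.Line.Trim())" })

if ($findings.Count) {
    $findings
    Write-Warning "$($findings.Count) leftover reference(s) to $Failed. Remove them before rebuilding it."
} else {
    "No trace of $Failed found in AD or in the DC locator SRV records."
}
```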


At this point the failed domain controller has been completely removed from the domain environment. SRVDC01 can now be reinstalled as a member server and joined to the domain, on condition that its IP address and machine name are not changed. Then the five FSMO roles are transferred from SRVDC02 back to SRVDC01, and it is promoted to primary domain controller.

You can also refer to the following link:

http://blog.csdn.net/iloli/article/details/6620033

This article is from the "June Ma Run Space" blog; please keep this source attribution: http://horse87.blog.51cto.com/2633686/1650909
