Active Directory Disaster Recovery Course

I attended an AD disaster recovery course recently and created my notes in a Writely document. Here they are below; feel free to comment on this article if you have any questions.

KB Links to look at:

  • KB216498
  • KB311078
  • KB223757
  • KB840001
  • KB290762 – Using the BurFlags registry key to reinitialize File Replication Service replica sets

Other interesting points:

  • Strict/loose replication
  • Install from media dcpromo – dcpromo /adv
  • Force removal of AD – dcpromo /forceremoval
  • ntdsutil "metadata cleanup"
  • repadmin /replsum
  • ldp.exe
    • Connection -> Connect
      Leave server blank for local server, port 389 for LDAP, or port 3268 for GC
    • Connection -> Bind
      Leave blank for locally logged on user
    • View -> Tree
      Select tree from drop-down list
    • Right-click an object in the tree, select Advanced -> Replication metadata, then click OK. The output should be similar to that of repadmin /replsum.
  • Change boot.ini to include /SAFEBOOT:DSREPAIR; with Remote Desktop enabled, you can then reboot into Directory Services Restore Mode and restore AD.
  • ldifde
    • ldifde -d "dn path" -r "(standard LDAP query)" -l "comma-separated list of attributes" -f output.ldf
    • ldifde -i -k -f input.ldf
  • bootcfg to change boot order of local or remote server.
    • bootcfg /default /S servername /id 2
    • bootcfg /query /S servername
  • Fix GPOs
    • recreatedefpol.exe for Windows 2000
    • Dcgpofix for Windows 2003
  • FRS monitoring: SONAR, ULTRASOUND
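
A worked version of the ldifde export and import commands from the list above, as an added example that is not part of the original course notes. The OU distinguished name, LDAP filter, attribute list and file name are constructed placeholders.

```bat
@echo off
rem Added example, not from the course notes. The DN, filter, attribute
rem list and file name are constructed placeholders.
setlocal
set "BASE_DN=OU=Staff,DC=example,DC=com"
set "FILTER=(&(objectCategory=person)(objectClass=user))"
set "ATTRS=objectClass,cn,givenName,sn,displayName,sAMAccountName,userPrincipalName"
set "LDF=staff-users.ldf"

if /i "%~1"=="export" goto export
if /i "%~1"=="import" goto import
echo Usage: %~nx0 export ^| import
exit /b 2

:export
rem Review replication health first so the export is taken from a DC
rem that is up to date.
repadmin /replsum
if exist "%LDF%" del "%LDF%"
rem -d search base, -r LDAP filter, -l attributes to include, -f output file.
ldifde -d "%BASE_DN%" -r "%FILTER%" -l "%ATTRS%" -f "%LDF%"
if not exist "%LDF%" (
    echo Export failed: %LDF% was not written.
    exit /b 1
)
rem The file holds directory data in clear text; store it with the backups.
echo Exported to %LDF%
exit /b 0

:import
if not exist "%LDF%" (
    echo Nothing to import: %LDF% not found.
    exit /b 1
)
rem -i import mode; -k keeps going past "object already exists" and
rem constraint-violation errors, so only the missing objects are created.
ldifde -i -k -f "%LDF%"
exit /b %errorlevel%
```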

Other useful links:
